[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 151-160

Ensurepass

QUESTION 151

Refer to the exhibit of an ISAKMP debug. Which message of the exchange is failing?

 

clip_image002

 

A.

main mode 1

B.

main mode 3

C.

aggressive mode 1

D.

main mode 5

E.

aggressive mode 2

 

Correct Answer: B

 

 

QUESTION 152

Which Cisco IPS appliance feature can automatically adjust the risk rating of IPS events based on the reputation of the attacker?

 

A.

botnet traffic filter

B.

event action rules

C.

anomaly detection

D.

reputation filtering

E.

global correlation inspection

 

Correct Answer: E

 

QUESTION 153

Which mode of operation must be enabled on CSM to support roles such as Network Administrator, Approver, Network Operator, and Help Desk?

 

A.

Deployment Mode

B.

Activity Mode

C.

Workflow Mode

D.

User Roles Mode

E.

Administration Mode

F.

Network Mode

 

Correct Answer: C

 

 

QUESTION 154

Which two ISE Probes would be required to distinguish accurately the difference between an iPad and a MacBook Pro? (Choose two.)

 

A.

DHCP or DHCPSPAN

B.

SNMPTRAP

C.

SNMPQUERY

D.

NESSUS

E.

HTTP

F.

DHCP TRAP

 

Correct Answer: AE

 

 

QUESTION 155

Which configuration option will correctly process network authentication and authorization using both 802.1X and MAB on a single port?

 

A.

clip_image004

B.

clip_image006

C.

clip_image008

D.

clip_image010

 

Correct Answer: A

 

 

QUESTION 156

Which statement regarding the routing functions of the Cisco ASA is true?

 

A.

The translation table can override the routing table for new connections.

B.

The ASA supports policy-based routing with route maps?.

C.

In a failover pair of ASAs, the standby firewall establishes a peer relationship with OSPF neighbors.

D.

Routes to the Null0 interface can be configured to black-hole traffic.

 

Correct Answer: A

 

 

QUESTION 157

Which three statements are true about the Cisco ASA object configuration below? (Choose three.)

 

object network vpnclients

range 10.1.100.4 10.1.100.10

object network vpnclients

nat (outside,outside) dynamic interface

 

A.

The NAT configuration in the object specifies a PAT rule.

B.

This configuration requires the command same-security-traffic inter-interface for traffic that matches this NAT rule to pass through the Cisco ASA appliance.

C.

The NAT rule of this object will be placed in Section 1 (Auto-NAT) of the Cisco ASA NAT table.

D.

This configuration is most likely used to provide Internet access to connected VPN clients.

E.

Addresses in the range will be assigned during config-mode.

 

Correct Answer: ACD

QUESTION 158

Which three attributes may be configured as part of the Common Tasks panel of an authorization profile in the Cisco ISE solution? (Choose three.)

 

A.

VLAN

B.

voice VLAN

C.

dACL name

D.

voice domain permission

E.

SGT

 

Correct Answer: ACD

 

 

QUESTION 159

Which two statements describe the Cisco TrustSec system correctly? (Choose two.)

 

A.

The Cisco TrustSec system is a partner program, where Cisco certifies third-party security products as extensions to the secure infrastructure.

B.

The Cisco TrustSec system is an approach to certifying multimedia and collaboration applications as secure.

C.

The Cisco TrustSec system is an Advanced Network Access Control System that leverages enforcement intelligence in the network infrastructure.

D.

The Cisco TrustSec system tests and certifies all products and product versions that make up the system as working together in a validated manner.

 

Correct Answer: CD

 

 

QUESTION 160

Which option is the correct definition for MAB?

 

A.

MAB is the process of checking the mac-address-table on the local switch for the sticky address. If the mac-address of the device attempting to access the network matches the configured sticky address, it will be permitted to bypass 802.1X authentication.

B.

MAB is a process where the switch will send an authentication request on behalf of the endpoint that is attempting to access the network, using the mac-address of the device as the credentials. The authentication server evaluates that MAC address against a list of devices permitted to access the network without a stronger authentication.

C.

MAB is a process where the switch will check a local list of MAC addresses to identify systems that are permitted network access without using 802.1X.

D.

MAB is a process where the supplicant on the endpoint is configured to send the MAC address of the endpoint as its credentials.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 350-018 Practice Tests

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …