[Free] Download New Updated (February 2016) Cisco 350-018 Practice Tests 201-210

Ensurepass

QUESTION 201

Which two options represent definitions that are found in the syslog protocol (RFC 5426)? (Choose two.)

 

A.

Syslog message transport is reliable.

B.

Each syslog datagram must contain only one message.

C.

IPv6 syslog receivers must be able to receive datagrams of up to 1180 bytes.

D.

Syslog messages must be prioritized with an IP precedence of 7.

E.

Syslog servers must use NTP for the accurate time stamping of message arrival.

 

Correct Answer: BC

 

 

QUESTION 202

According to RFC-5426, syslog senders must support sending syslog message datagrams to which port?

 

A.

TCP port 514

B.

UDP port 514

C.

TCP port 69

D.

UDP port 69

E.

TCP port 161

F.

UDP port 161

 

Correct Answer: B

 

 

QUESTION 203

Refer to the exhibit. What service is enabled on the router for a remote attacker to obtain this information?

 

clip_image002

 

A.

TCP small services

B.

finger

C.

maintenance operation protocol

D.

chargen

E.

Telnet

F.

CEF

 

Correct Answer: B

 

 

QUESTION 204

In an 802.11 wireless network, what would an attacker have to spoof to initiate a deauthentication attack against connected clients?

 

A.

the BSSID of the AP where the clients are currently connected

B.

the SSID of the wireless network

C.

the MAC address of the target client machine

D.

the broadcast address of the wireless network

 

Correct Answer: A

 

 

QUESTION 205

What is the commonly known name for the process of generating and gathering initialization vectors, either passively or actively, for the purpose of determining the security key of a wireless network?

 

A.

WEP cracking

B.

session hijacking

C.

man-in-the-middle attacks

D.

disassociation flood frames

 

Correct Answer: A

 

 

QUESTION 206

According to RFC 4890, which four ICMPv6 types are recommended to be allowed to transit a firewall? (Choose four.)

 

A.

Type 1 – destination unreachable

B.

Type 2 – packet too big

C.

Type 3 – time exceeded

D.

Type 0 – echo reply

E.

Type 8 – echo request

F.

Type 4 – parameter problem

 

Correct Answer: ABCF

 

 

QUESTION 207

Which action is performed first on the Cisco ASA appliance when it receives an incoming packet on its outside interface?

 

A.

check if the packet is permitted or denied by the inbound ACL applied to the outside interface

B.

check if the packet is permitted or denied by the global ACL

C.

check if the packet matches an existing connection in the connection table

D.

check if the packet matches an inspection policy

E.

check if the packet matches a NAT rule

F.

check if the packet needs to be passed to the Cisco ASA AIP-SSM for inspections

 

Correct Answer: C

 

 

QUESTION 208

Refer to the exhibit. Which three statements about the Cisco ASDM screen seen in the exhibit are true? (Choose three.)

 

clip_image003

 

A.

This access rule is applied to all the ASA interfaces in the inbound direction.

B.

The ASA administrator needs to expand the More Options tag to configure the inbound or outbound direction of the access rule.

C.

The ASA administrator needs to expand the More Options tag to apply the access rule to an interface.

D.

The resulting ASA CLI command from this ASDM configuration is access-list global_access line 1 extended permit ip host 1.1.1.1 host 2.2.2.1.

E.

This access rule is valid only on the ASA appliance that is running software release 8.3 or later.

F.


This is an outbound access rule.

 

Correct Answer: ADE

 

 

QUESTION 209

If an incoming packet from the outside interface does not match an existing connection in the connection table, which action will the Cisco ASA appliance perform next?

 

A.

drop the packet

B.

check the outside interface inbound ACL to determine if the packet is permitted or denied

C.

perform NAT operations on the packet if required

D.

check the MPF policy to determine if the packet should be passed to the SSM

E.

perform stateful packet inspection based on the MPF policy

 

Correct Answer: B

 

 

QUESTION 210

When you are configuring QoS on the Cisco ASA appliance, which four are valid traffic selection criteria? (Choose four.)

 

A.

VPN group

B.

tunnel group

C.

IP precedence

D.

DSCP

E.

default-inspection-traffic

F.

qos-group

 

Correct Answer: BCDE

 

Free VCE & PDF File for Cisco 350-018 Practice Tests

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …