New Updated Cisco CCIE Security 350-018 Real Exam Download 101-110

Ensurepass

QUESTION 101

Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.)

 

A.      LEAP

B.      EAP-TLS

C.      PEAP

D.      EAP-TTLS

E.       EAP-FAST

 

Correct Answer: CDE

 

 

QUESTION 102

When you compare WEP to WPA (not WPA2), which three protections are gained? (Choose three.)

 

A.      a message integrity check

B.      AES-based encryption

C.      avoidance of weak Initialization vectors

D.      longer RC4 keys

E.       a rekeying mechanism

 

Correct Answer: ACE

 

 

QUESTION 103

Which option shows the correct sequence of the DHCP packets that are involved in IP address assignment between the DHCP client and the server?

 

A.      REQUEST, OFFER, ACK

B.      DISCOVER, OFFER, REQUEST, ACK

C.      REQUEST, ASSIGN, ACK

D.      DISCOVER, ASSIGN, ACK

E.       REQUEST, DISCOVER, OFFER, ACK

 

Correct Answer: B

 

 

QUESTION 104

Which common FTP client command transmits a direct, byte-for-byte copy of a file?

 

A.      ascii

B.      binary

C.      hash

D.      quote

E.       glob

 

Correct Answer: B

 

 

QUESTION 105

Which option is a desktop sharing application, used across a variety of platforms, with default TCP ports 5800/5801 and 5900/5901?

 

A.      X Windows

B.      remote desktop protocol

C.      VNC

D.      desktop proxy

 

Correct Answer: C

 

 

QUESTION 106

Which two of the following provide protect against man-in-the-middle attacks? (Choose two.)

 

A.      TCP initial sequence number randomization?

B.      TCP sliding-window checking

C.      Network Address Translation

D.      IPsec VPNs

E.       Secure Sockets Layer

 

Correct Answer: DE

 

 

QUESTION 107

An exploit that involves connecting to a specific TCP port and gaining access to an administrative command prompt is an example of which type of attack?

 

A.      botnet

B.      Trojan horse

C.      privilege escalation

D.      DoS

 

Correct Answer: C

 

 

QUESTION 108

Refer to the exhibit. Which statement is true?

 

clip_image002

 

A.      This packet decoder is using relative TCP sequence numbering.

B.      This TCP client is proposing the use of TCP window scaling.

C.      This packet represents an active FTP data session.

D.      This packet contains no TCP payload.

 

Correct Answer: D

 

 

QUESTION 109

When configuring an Infrastructure ACL (iACL) to protect the IPv6 infrastructure of an enterprise network, where should the iACL be applied??

 

A.      all infrastructure devices in both the inbound and outbound direction

B.      all infrastructure devices in the inbound direction

C.      all infrastructure devices in the outbound direction

D.      all parameter devices in both the inbound and outbound direction

E.       all parameter devices in the inbound direction

F.       all parameter devices in the outbound direction

 

Correct Answer: E

 

 

QUESTION 110

What feature on the Cisco ASA is used to check for the presence of an up-to-date antivirus vendor on an AnyConnect client?

 

A.      Dynamic Access Policies with no additional options

B.      Dynamic Access Policies with Host Scan enabled

C.      advanced endpoint assessment

D.      LDAP attribute maps obtained from Antivirus vendor

 

Correct Answer: B

 

Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.