New 350-018 exam questions from PassLeader 350-018 dumps! Welcome to download the newest PassLeader 350-018 VCE and PDF dumps: http://www.passleader.com/350-018.html (894 Q&As)
P.S. Free 350-018 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfjE1cHRyNEtmX3JfdU9CUFlRZnVxNjZUbWxsSnBpNXM0QjZYZjBXZVgyOTQ
QUESTION 31
Refer to the exhibit. Which statement about this Cisco Catalyst switch 802.1X configuration is true?
A. If an IP phone behind the switch port has an 802.1X supplicant, MAC address bypass will still be used to authenticate the IP Phone.
B. If an IP phone behind the switch port has an 802.1X supplicant, 802.1X authentication will be used to authenticate the IP phone.
C. The authentication host-mode multi-domain command enables the PC connected behind the IP phone to bypass 802.1X authentication.
D. Using the authentication host-mode multi-domain command will allow up to eight PCs connected behind the IP phone via a hub to be individually authentication using 802.1X.
Answer: B
QUESTION 32
Which signature engine is used to create a custom IPS signature on a Cisco IPS appliance that triggers when a vulnerable web application identified by the “/runscript.php” URI is run?
A. AIC HTTP
B. Service HTTP
C. String TCP
D. Atomic IP
E. META
F. Multi-String
Answer: B
QUESTION 33
With the Cisco FlexVPN solution, which four VPN deployments are supported? (Choose four.)
A. site-to-site IPsec tunnels
B. dynamic spoke-to-spoke IPSec tunnels (partial mesh)
C. remote access from software or hardware IPsec clients
D. distributed full mesh IPsec tunnels
E. IPsec group encryption using GDOI
F. hub-and-spoke IPsec tunnels
Answer: ABCF
QUESTION 34
Which four techniques can you use for IP management plane security? (Choose four.)
A. Management Plane Protection
B. uRPF
C. strong passwords
D. RBAC
E. SNMP security measures
F. MD5 authentication
Answer: ACDE
QUESTION 35
Which three statements about remotely triggered black hole filtering are true? (Choose three.)
A. It filters undesirable traffic.
B. It uses BGP or OSPF to trigger a network-wide remotely controlled response to attacks.
C. It provides a rapid-response technique that can be used in handling security-related events and incidents.
D. It requires uRPF.
Answer: ACD
QUESTION 36
Which three statements about Cisco Flexible NetFlow are true? (Choose three.)
A. The packet information used to create flows is not configurable by the user.
B. It supports IPv4 and IPv6 packet fields.
C. It tracks all fields of an IPv4 header as well as sections of the data payload.
D. It uses two types of flow cache, normal and permanent.
E. It can be a useful tool in monitoring the network for attacks.
Answer: BCE
QUESTION 37
During a computer security forensic investigation, a laptop computer is retrieved that requires content analysis and information retrieval. Which file system is on it, assuming it has the default installation of Microsoft Windows Vista operating system?
A. HSFS
B. WinFS
C. NTFS
D. FAT
E. FAT32
Answer: C
QUESTION 38
Which three statements about the IANA are true? (Choose three.)
A. IANA is a department that is operated by the IETF.
B. IANA oversees global IP address allocation.
C. IANA managed the root zone in the DNS.
D. IANA is administered by the ICANN.
E. IANA defines URI schemes for use on the Internet.
Answer: BCD
QUESTION 39
What does the Common Criteria (CC) standard define?
A. The current list of Common Vulnerabilities and Exposures (CVEs)
B. The U.S standards for encryption export regulations
C. Tools to support the development of pivotal, forward-looking information system technologies
D. The international standards for evaluating trust in information systems and products
E. The international standards for privacy laws
F. The standards for establishing a security incident response system
Answer: D
QUESTION 40
Which three types of information could be used during the incident response investigation phase? (Choose three.)
A. netflow data
B. SNMP alerts
C. encryption policy
D. syslog output
E. IT compliance reports
Answer: ABD
QUESTION 41
Which of the following best describes Chain of Evidence in the context of security forensics?
A. Evidence is locked down, but not necessarily authenticated.
B. Evidence is controlled and accounted for to maintain its authenticity and integrity.
C. The general whereabouts of evidence is known.
D. Someone knows where the evidence is and can say who had it if it is not logged.
Answer: B
QUESTION 42
Which option is a benefit of implementing RFC 2827?
A. prevents DoS from legitimate, non-hostile end systems
B. prevents disruption of special services such as Mobile IP
C. defeats DoS attacks which employ IP source address spoofing
D. restricts directed broadcasts at the ingress router
E. allows DHCP or BOOTP packets to reach the relay agents as appropriate
Answer: C
QUESTION 43
Which of the following provides the features of route summarization, assignment of contiguous blocks of addresses, and combining routes for multiple classful networks into a single route?
A. classless interdomain routing
B. route summarization
C. supernetting
D. private IP addressing
Answer: A
QUESTION 44
Aggregate global IPv6 addresses begin with which bit pattern in the first 16-bit group?
A. 000/3
B. 001/3
C. 010/2
D. 011/2
Answer: B
QUESTION 45
Which layer of the OSI reference model typically deals with the physical addressing of interface cards?
A. physical layer
B. data-link layer
C. network layer
D. host layer
Answer: B
QUESTION 46
Which statement best describes a key difference in IPv6 fragmentation support compared to IPv4?
A. In IPv6, IP fragmentation is no longer needed because all Internet links must have an IP MTU of 1280 bytes or greater.
B. In IPv6, PMTUD is no longer performed by the source node of an IP packet.
C. In IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD and send packets equal to or smaller than the minimum discovered path MTU.
D. In IPv6, PMTUD is no longer performed by any node since the don’t fragment flag is removed from the IPv6 header.
E. In IPv6, IP fragmentation is performed only by the source node of a large packet, and not by any other devices in the data path.
Answer: E
QUESTION 47
Refer to the exhibit. It shows the format of an IPv6 Router Advertisement packet. If the Router Lifetime value is set to 0, what does that mean?
A. The router that is sending the RA is not the default router.
B. The router that is sending the RA is the default router.
C. The router that is sending the RA will never power down.
D. The router that is sending the RA is the NTP master.
E. The router that is sending the RA is a certificate authority.
F. The router that is sending the RA has its time synchronized to an NTP source.
Answer: A
QUESTION 48
If a host receives a TCP packet with an SEQ number of 1234, an ACK number of 5678, and a length of 1000 bytes, what will it send in reply?
A. a TCP packet with SEQ number: 6678, and ACK number: 1234
B. a TCP packet with SEQ number: 2234, and ACK number: 5678
C. a TCP packet with SEQ number: 1234, and ACK number: 2234
D. a TCP packet with SEQ number: 5678, and ACK number: 2234
Answer: D
QUESTION 49
A network administrator uses a LAN analyzer to troubleshoot OSPF router exchange messages sent to all OSPF routers. To which one of these MAC addresses are these messages sent?
A. 00-00-1C-EF-00-00
B. 01-00-5E-00-00-05
C. 01-00-5E-EF-00-00
D. EF-FF-FF-00-00-05
E. EF-00-00-FF-FF-FF
F. FF-FF-FF-FF-FF-FF
Answer: B
QUESTION 50
Comparing and contrasting IKEv1 and IKEv2, which three statements are true? (Choose three.)
A. IKEv2 adds EAP as a method of authentication for clients; IKEv1 does not use EAP.
B. IKEv1 and IKEv2 endpoints indicate support for NAT-T via the vendor_ID payload.
C. IKEv2 and IKEv1 always ensure protection of the identities of the peers during the negotiation process.
D. IKEv2 provides user authentication via the IKE_AUTH exchange; IKEv1 uses the XAUTH exchange.
E. IKEv1 and IKEv2 both use INITIAL_CONTACT to synchronize SAs.
F. IKEv1 supports config mode via the SET/ACK and REQUEST/RESPONSE methods; IKEv2 supports only REQUEST/RESPONSE.
Answer: ADE
QUESTION 51
Which three statements about GDOI are true? (Choose three.)
A. GDOI uses TCP port 848.
B. The GROUPKEY_PULL exchange is protected by an IKE phase 1 exchange.
C. The KEK protects the GROUPKEY_PUSH message.
D. The TEK is used to encrypt and decrypt data traffic.
E. GDOI does not support PFS.
Answer: BCD
QUESTION 52
Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.)
A. LEAP
B. EAP-TLS
C. PEAP
D. EAP-TTLS
E. EAP-FAST
Answer: CDE
QUESTION 53
When you compare WEP to WPA (not WPA2), which three protections are gained? (Choose three.)
A. a message integrity check
B. AES-based encryption
C. avoidance of weak Initialization vectors
D. longer RC4 keys
E. a rekeying mechanism
Answer: ACE
QUESTION 54
Which option shows the correct sequence of the DHCP packets that are involved in IP address assignment between the DHCP client and the server?
A. REQUEST, OFFER, ACK
B. DISCOVER, OFFER, REQUEST, ACK
C. REQUEST, ASSIGN, ACK
D. DISCOVER, ASSIGN, ACK
E. REQUEST, DISCOVER, OFFER, ACK
Answer: B
QUESTION 55
Which common FTP client command transmits a direct, byte-for-byte copy of a file?
A. ascii
B. binary
C. hash
D. quote
E. glob
Answer: B
QUESTION 56
Which option is a desktop sharing application, used across a variety of platforms, with default TCP ports 5800/5801 and 5900/5901?
A. X Windows
B. remote desktop protocol
C. VNC
D. desktop proxy
Answer: C
QUESTION 57
Which two of the following provide protect against man-in-the-middle attacks? (Choose two.)
A. TCP initial sequence number randomization
B. TCP sliding-window checking
C. Network Address Translation
D. IPsec VPNs
E. Secure Sockets Layer
Answer: DE
QUESTION 58
Refer to the exhibit. Which statement is true?
A. This packet decoder is using relative TCP sequence numbering.
B. This TCP client is proposing the use of TCP window scaling.
C. This packet represents an active FTP data session.
D. This packet contains no TCP payload.
Answer: D
QUESTION 59
An exploit that involves connecting to a specific TCP port and gaining access to an administrative command prompt is an example of which type of attack?
A. botnet
B. Trojan horse
C. privilege escalation
D. DoS
Answer: C
QUESTION 60
When configuring an Infrastructure ACL (iACL) to protect the IPv6 infrastructure of an enterprise network, where should the iACL be applied?
A. all infrastructure devices in both the inbound and outbound direction
B. all infrastructure devices in the inbound direction
C. all infrastructure devices in the outbound direction
D. all parameter devices in both the inbound and outbound direction
E. all parameter devices in the inbound direction
F. all parameter devices in the outbound direction
Answer: E
New 350-018 exam questions from PassLeader 350-018 dumps! Welcome to download the newest PassLeader 350-018 VCE and PDF dumps: http://www.passleader.com/350-018.html (894 Q&As)
P.S. Free 350-018 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfjE1cHRyNEtmX3JfdU9CUFlRZnVxNjZUbWxsSnBpNXM0QjZYZjBXZVgyOTQ
