web analytics

Valid 350-018 Dumps with VCE and PDF for Free (Question 241 – Question 270)

New 350-018 exam questions from PassLeader 350-018 dumps! Welcome to download the newest PassLeader 350-018 VCE and PDF dumps: http://www.passleader.com/350-018.html (894 Q&As)

P.S. Free 350-018 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfjE1cHRyNEtmX3JfdU9CUFlRZnVxNjZUbWxsSnBpNXM0QjZYZjBXZVgyOTQ

QUESTION 241
Which two current RFCs discuss special use IP addresses that may be used as a checklist of invalid routing prefixes for IPv4 and IPv6 addresses? (Choose two.)

A.    RFC 5156
B.    RFC 5735
C.    RFC 3330
D.    RFC 1918
E.    RFC 2827

Answer: AB

QUESTION 242
Which four options could be flagged as potential issues by a network security risk assessment? (Choose four.)

A.    router hostname and IP addressing scheme
B.    router filtering rules
C.    route optimization
D.    database connectivity and RTT
E.    weak authentication mechanisms
F.    improperly configured email servers
G.    potential web server exploits

Answer: BEFG

QUESTION 243
Which three of these situations warrant engagement of a Security Incident Response team? (Choose three.)

A.    loss of data confidentiality/integrity
B.    damage to computer/network resources
C.    denial of service (DoS)
D.    computer or network misuse/abuse
E.    pornographic blogs/websites

Answer: ACD

QUESTION 244
Which three statements about the Cisco IPS sensor are true? (Choose three.)

A.    You cannot pair a VLAN with itself.
B.    For a given sensing interface, an interface used in a VLAN pair can be a member of another inline interface pair.
C.    For a given sensing interface, a VLAN can be a member of only one inline VLAN pair, however, a given VLAN can be a member of an inline VLAN pair on more than one sensing interface.
D.    The order in which you specify the VLANs in a inline pair is significant.
E.    A sensing interface in inline VLAN pair mode can have from 1 to 255 inline VLAN pairs.

Answer: ACE

QUESTION 245
Which two VLSM subnets, when taken as a pair, overlap? (Choose two.)

A.    10.22.21.128/26
B.    10.22.22.128/26
C.    10.22.22.0/27
D.    10.22.20.0/23
E.    10.22.16.0/22

Answer: AD

QUESTION 246
The address of an inside client is translated from a private address to a public address by a NAT router for access to an outside web server. What term describes the destination address (client) after the outside web server responds, and before it hits the NAT router?

A.    inside local
B.    inside global
C.    outside local
D.    outside global

Answer: B

QUESTION 247
What is the ICMPv6 type and destination IPv6 address for a Neighbor Solicitation packet that is sent by a router that wants to learn about a newly introduced network device?

A.    ICMP type 136 and the Solicited-Node multicast address
B.    ICMP type 135 and the Broadcast address
C.    ICMP type 136 and the All-Routers multicast address
D.    ICMP type 135 and the All-Routers multicast address
E.    ICMP type 135 and the Solicited-Node multicast address
F.    ICMP type 136 and the Broadcast address

Answer: E

QUESTION 248
Which three statements are true about Cryptographically Generated Addresses for IPv6? (Choose three.)

A.    They prevent spoofing and stealing of existing IPv6 addresses.
B.    They are derived by generating a random 128-bit IPv6 address based on the public key of the node.
C.    They are used for securing neighbor discovery using SeND.
D.    SHA or MD5 is used during their computation.
E.    The minimum RSA key length is 512 bits.
F.    The SHA-1 hash function is used during their computation.

Answer: ACF

QUESTION 249
Which three options are extension headers that are implemented in IPv6? (Choose three.)

A.    Routing Header.
B.    Generic Tunnel Header.
C.    Quality of Service Header.
D.    Fragment Header.
E.    Encapsulating Security Payload Header.
F.    Path MTU Discovery Header.

Answer: ADE

QUESTION 250
What is a key characteristic of MSTP?

A.    always uses a separate STP instance per VLAN to increase efficiency
B.    only supports a single STP instance for all VLANs
C.    is a Cisco proprietary standard
D.    several VLANs can be mapped to the same spanning-tree instance

Answer: D

QUESTION 251
Which spanning-tree mode supports a separate spanning-tree instance for each VLAN and also supports the 802.1w standard that has a faster convergence than 802.1D?

A.    PVST+
B.    PVRST+
C.    PVST
D.    CST
E.    MST
F.    RST

Answer: B

QUESTION 252
Which three LSA types are used by OSPFv3? (Choose three.)

A.    Link LSA
B.    Intra-Area Prefix LSA
C.    Interarea-prefix LSA for ASBRs
D.    Autonomous system external LSA
E.    Internetwork LSA

Answer: ABD

QUESTION 253
Which protocol provides the same functions in IPv6 that IGMP provides in IPv4 networks?

A.    ICMPv6
B.    ND
C.    MLD
D.    TLA

Answer: C

QUESTION 254
Which additional capability was added in IGMPv3?

A.    leave group messages support
B.    source filtering support
C.    group-specific host membership queries support
D.    IPv6 support
E.    authentication support between the multicast receivers and the last hop router

Answer: B

QUESTION 255
Beacons, probe request, and association request frames are associated with which category?

A.    management
B.    control
C.    data
D.    request

Answer: A

QUESTION 256
Which feature can be implemented to avoid any MPLS packet loss?

A.    IP TTL propagation
B.    LDP IGP sync
C.    label advertisement sync
D.    conditional label advertisement
E.    PHP

Answer: B

QUESTION 257
Which four types of VPN natively provide encryption of user traffic? (Choose four.)

A.    MPLS
B.    IPsec
C.    L2TPv3
D.    SSL
E.    VPLS
F.    AToM
G.    GETVPN
H.    Microsoft PPTP

Answer: BDGH

QUESTION 258
Which three options are components of Mobile IPv6? (Choose three.)

A.    home agent
B.    correspondent node
C.    mobile node
D.    binding node
E.    discovery probe

Answer: ABC

QUESTION 259
What are two uses of an RSA algorithm? (Choose two.)

A.    data encryption
B.    digital signature verification
C.    shared key generation
D.    message hashing

Answer: AB

QUESTION 260
What is needed to verify a digital signature that was created using an RSA algorithm?

A.    public key
B.    private key
C.    both public and private key
D.    trusted third-party certificate

Answer: A

QUESTION 261
Which algorithm is used to generate the IKEv2 session key?

A.    Diffie-Hellman
B.    Rivest, Shamir, and Adleman
C.    Secure Hash Algorithm
D.    Rivest Cipher 4

Answer: A

QUESTION 262
Which statement is true about IKEv2 and IKEv1?

A.    IKEv2 can be configured to use EAP, but IKEv1 cannot.
B.    IKEv2 can be configured to use AES encryption, but IKEv1 cannot.
C.    IKEv2 can be configured to interoperate with IKEv1 on the other end.
D.    IKEv2 consumes more bandwidth than IKEv1.

Answer: A

QUESTION 263
Which statement is true about IKEv2 preshared key authentication between two peers?

A.    IKEv2 allows usage of different preshared keys for local and remote authentication.
B.    IKEv2 allows usage of only one preshared key.
C.    IKEv2 allows usage of only one preshared key and only in hub-and-spoke topology.
D.    IKEv2 does not allow usage of preshared key authentication.

Answer: A

QUESTION 264
How does 3DES use the DES algorithm to encrypt a message?

A.    encrypts a message with K1, decrypts the output with K2, then encrypts it with K3
B.    encrypts a message with K1, encrypts the output with K2, then encrypts it with K3
C.    encrypts K1 using K2, then encrypts it using K3, then encrypts a message using the outputkey
D.    encrypts a message with K1, encrypts the output with the K2, then decrypts it with K3

Answer: A

QUESTION 265
Which protocol is superseded by AES?

A.    DES
B.    RSA
C.    RC4
D.    MD5

Answer: A

QUESTION 266
What is the purpose of the SPI field in an IPsec packet?

A.    identifies a transmission channel
B.    provides anti-replay protection
C.    ensures data integrity
D.    contains a shared session key

Answer: A

QUESTION 267
Which IPsec protocol provides data integrity but no data encryption?

A.    AH
B.    ESP
C.    SPI
D.    DH

Answer: A

QUESTION 268
Which three statements about IKEv2 are correct? (Choose three.)

A.    INITIAL_CONTACT is used to synchronize state between peers.
B.    The IKEv2 standard defines a method for fragmenting large messages.
C.    The initial exchanges of IKEv2 consist of IKE_SA_INIT and IKE_AUTH.
D.    Rekeying IKE and child SAs is facilitated by the IKEv2 CREATE_CHILD_SA exchange.
E.    NAT-T is not supported.
F.    Attribute policy push (via the configuration payload) is only supported in REQUEST/REPLYmode.

Answer: ACD

QUESTION 269
What entities decrypt a transmission sent by a GDOI group member?

A.    all group members
B.    the key server only
C.    the peer that is indicated by the key server
D.    the key server and the peer that is indicated by the key server

Answer: A

QUESTION 270
What transport protocol and port are used by GDOI for its IKE sessions that are established between the group members and the key server?

A.    UDP port 848
B.    TCP port 848
C.    ESP port 51
D.    SSL port 443
E.    UDP port 4500

Answer: A


New 350-018 exam questions from PassLeader 350-018 dumps! Welcome to download the newest PassLeader 350-018 VCE and PDF dumps: http://www.passleader.com/350-018.html (894 Q&As)

P.S. Free 350-018 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpfjE1cHRyNEtmX3JfdU9CUFlRZnVxNjZUbWxsSnBpNXM0QjZYZjBXZVgyOTQ