Exact of 350-018 simulations materials and keys for Cisco certification for IT specialist, Real Success Guaranteed with Updated 350-018 pdf dumps vce Materials. 100% PASS CCIE Pre-Qualification Test for Security exam Today!
2016 May 350-018 Study Guide Questions:
Q211. Which three routing characteristics are relevant for DMVPN Phase 3? (Choose three.)
A. Hubs must not preserve the original IP next-hop.
B. Hubs must preserve the original IP next-hop.
C. Split-horizon must be turned off for RIP and EIGRP.
D. Spokes are only routing neighbors with hubs.
E. Spokes are routing neighbors with hubs and other spokes.
F. Hubs are routing neighbors with other hubs and must use the same routing protocol as that used on hub-spoke tunnels.
Q212. What action does a RADIUS server take when it cannot authenticate the credentials of a user?
A. An Access-Reject message is sent.
B. An Access-Challenge message is sent, and the user is prompted to re-enter credentials.
C. A Reject message is sent.
D. A RADIUS start-stop message is sent via the accounting service to disconnect the session.
Q213. During a computer security forensic investigation, a laptop computer is retrieved that requires content analysis and information retrieval. Which file system is on it, assuming it
has the default installation of Microsoft Windows Vista operating system?
Q214. Which four protocols are supported by Cisco IOS Management Plane Protection? (Choose four.)
A. Blocks Extensible Exchange Protocol (BEEP)
B. Hypertext Transfer Protocol Secure (HTTPS)
C. Secure Copy Protocol (SCP)
D. Secure File Transfer Protocol (SFTP)
E. Secure Shell (SSH)
F. Simple Network Management Protocol (SNMP)
Q215. Which two statements about SHA are correct? (Choose two.)
A. Five 32-bit variables are applied to the message to produce the 160-bit hash.
B. The message is split into 64-bit blocks for processing.
C. The message is split into 512-bit blocks for processing.
D. SHA-2 and MD5 both consist of four rounds of processing.
Q216. Which two OSPF network types support the concept of a designated router? (Choose two.)
D. point-to-multipoint nonbroadcast
Q217. Which domain is used for a reverse lookup of IPv4 addresses?
Renovate 350-018 exam guide:
Q218. Which three options can be configured within the definition of a network object, as introduced in Cisco ASA version 8.3(1)? (Choose three.)
A. range of IP addresses
B. subnet of IP addresses
C. destination IP NAT translation
D. source IP NAT translation
E. source and destination FQDNs
F. port and protocol ranges
Q219. How does 3DES use the DES algorithm to encrypt a message?
A. encrypts a message with K1, decrypts the output with K2, then encrypts it with K3
B. encrypts a message with K1, encrypts the output with K2, then encrypts it with K3
C. encrypts K1 using K2, then encrypts it using K3, then encrypts a message using the output key
D. encrypts a message with K1, encrypts the output with the K2, then decrypts it with K3
Q220. What is the advantage of using the ESP protocol over the AH?
A. data confidentiality
B. data integrity verification
D. anti-replay protection
Q221. Which statement about SMTP is true?
A. SMTP uses UDP port 25.
B. The POP protocol is used by the SMTP client to manage stored mail.
C. The IMAP protocol is used by the SMTP client to retrieve and manage stored email.
D. The mail delivery agent in the SMTP architecture is responsible for DNS lookup.
E. SMTP uses TCP port 20.
Q222. Which four configuration steps are required to implement a zone-based policy firewall configuration on a Cisco IOS router? (Choose four.)
A. Create the security zones and security zone pairs.
B. Create the self zone.
C. Create the default global inspection policy.
D. Create the type inspect class maps and policy maps.
E. Assign a security level to each security zone.
F. Assign each router interface to a security zone.
G. Apply a type inspect policy map to each zone pair.
Q223. Which two statements about the multiple context mode running Version 9.x are true? (Choose two.)
A. RIP is not supported.
B. An interface cannot be shared by multiple contexts.
C. Remote access VPN is supported.
D. Only the admin and context configuration files are supported.
E. OSPFv3 is supported.
F. Multicast feature is supported
G. Site-To-Site VPN feature is supported
Q224. Which two statements about SOX are true? (Choose two.)
A. SOX is an IEFT compliance procedure for computer systems security.
B. SOX is a US law.
C. SOX is an IEEE compliance procedure for IT management to produce audit reports.
D. SOX is.a private organization that provides best practices for financial institution computer systems.
E. Section 404 of SOX is related to IT compliance.
Verified 350-018 pdf:
Q225. Which two statements describe the Cisco TrustSec system correctly? (Choose two.)
A. The Cisco TrustSec system is a partner program, where Cisco certifies third-party security products as extensions to the secure infrastructure.
B. The Cisco TrustSec system is an approach to certifying multimedia and collaboration applications as secure.
C. The Cisco TrustSec system is an Advanced Network Access Control System that leverages enforcement intelligence in the network infrastructure.
D. The Cisco TrustSec system tests and certifies all products and product versions that make up the system as working together in a validated manner.
Q226. Refer to the exhibit, which shows a partial output of the show command.
Which statement best describes the problem?
A. Context vpn1 is not inservice.
B. There is no gateway that is configured under context vpn1.
C. The config has not been properly updated for context vpn1.
D. The gateway that is configured under context vpn1 is not inservice.
Q227. Which option explains the passive scan technique that is used by wireless clients to discover available wireless networks?
A. listening for access point beacons that contain available wireless networks
B. sending a null probe request
C. sending a null association request
D. listening for access point probe response frames that contain available wireless networks
Q228. Which two options correctly describe Remote Triggered Black Hole Filtering (RFC 5635)? (Choose two.)
A. RTBH destination based filtering can drop traffic destined to a host based on triggered entries in the FIB.
B. RTBH source based filtering will drop traffic from a source destined to a host based on triggered entries in the RIB
C. Loose uRPF must be used in conjunction with RTBH destination based filtering
D. Strict uRPF must be used in conjunction with RTBH source based filtering
E. RTBH uses a discard route on the edge devices of the network and a route server to send triggered route updates
F. When setting the BGP community attribute in a route-map for RTBH use the no-export community unless BGP confederations are used then use local-as to advertise to sub-as confederations
Q229. Which statement about the 3DES algorithm is true?
A. The 3DES algorithm uses the same key for encryption and decryption,
B. The 3DES algorithm uses a public-private key pair with a public key for encryption and a private key for decryption.
C. The 3DES algorithm is a block cipher.
D. The 3DES algorithm uses a key length of 112 bits.
E. The 3DES algorithm is faster than DES due to the shorter key length.
Q230. Refer to the exhibit.
To configure the Cisco ASA, what should you enter in the Name field, under the Group Authentication option for the IPSec VPN client?
A. group policy name
B. crypto map name
C. isakmp policy name
D. crypto ipsec transform-set name
E. tunnel group name
Q231. Which three options are extension headers that are implemented in IPv6? (Choose three.)
A. Routing Header.
B. Generic Tunnel Header.
C. Quality of Service Header.
D. Fragment Header.
E. Encapsulating Security Payload Header.
F. Path MTU Discovery Header.
see more CCIE Pre-Qualification Test for Security