Cisco 350-018 Online Practice Questions and Exam Preparation

Cisco 350-018 Online Questions & Answers

• Question 211:

  Which three options correctly describe the AH protocol? (Choose three.)

  A. The AH protocol encrypts the entire IP and upper layer protocols for security.
  B. The AH protocol provides connectionless integrity and data origin authentication.
  C. The AH protocol provides protection against replay attacks.
  D. The AH protocol supports tunnel mode only.
  E. The AH protocol uses IP protocol 51.
  F. The AH protocol supports IPv4 only.
  B. The AH protocol provides connectionless integrity and data origin authentication.
  C. The AH protocol provides protection against replay attacks.
  E. The AH protocol uses IP protocol 51.

• Question 212:

  When you enable the same-security-traffic permit Inter-interface command on the ASA, which two statements about the configuration are true? (Choose two.)

  A. The configuration will support more than 101 communicating interfaces.
  B. The configuration will support a maximum of 101 communicating interfaces.
  C. Traffic can enter and exit the same interface.
  D. Traffic can flow between interfaces at the same security level without an access list.
  E. By default, the outside interface on every ASA is the only interface to be configured with a name and security level of 100.
  A. The configuration will support more than 101 communicating interfaces.
  D. Traffic can flow between interfaces at the same security level without an access list.

• Question 213:

  You want to network hardware (which IS not part of the ACI Infrastructure) to be governed by the APIC, by Installing device packages . Where must these package be Installed?

  A. on all devices on the path
  B. on the connecting leaf switches
  C. on the network element you are adding
  D. on the APIC
  D. on the APIC

• Question 214:

  Select and Place:

  

  

• Question 215:

  What are two benefits of using IKEv2 instead of IKEv1 when deploying remote-access IPsec VPNs? (Choose two.)

  A. IKEv2 supports EAP authentication methods as part of the protocol.
  B. IKEv2 inherently supports NAT traversal.
  C. IKEv2 messages use random message IDs.
  D. The IKEv2 SA plus the IPsec SA can be established in six messages instead of nine messages.
  E. All IKEv2 messages are encryption-protected.
  A. IKEv2 supports EAP authentication methods as part of the protocol.
  B. IKEv2 inherently supports NAT traversal.

• Question 216:

  What is the most common use of Scavenger-Class QoS?

  A. Mitigating DoS attacks
  B. Mitigating SQL injection attacks
  C. traffic shaping
  D. prioritizing traffic
  A. Mitigating DoS attacks

• Question 217:

  Refer to the exhibit.

  

  Which option correctly identifies the point on the exhibit where Control Plane Policing (input) is applied to incoming packets?

  A. point 6
  B. point 7
  C. point 4
  D. point 1
  E. points 5 and 6
  A. point 6

• Question 218:

  Which two of the following pieces of information are communicated by the ASA in version 8.4 or later when the Stateful Failover is enabled? (Choose two.)

  A. DHCP server address leases.
  B. dynamic routing tables
  C. power status
  D. NAT translation table
  E. user authentication
  B. dynamic routing tables
  D. NAT translation table

• Question 219:

  In the context of a botnet, what is true regarding a command and control server?

  A. It can launch an attack using IRC or Twitter.
  B. It is another name for a zombie.
  C. It is used to generate a worm.
  D. It sends the command to the botnets via adware.
  A. It can launch an attack using IRC or Twitter.

• Question 220:

  

  Refer to the exhibit .What is a possible reason for the given error?

  A. The IPS Engine is waiting for a CLI session to terminate
  B. The IPS Engine is busy building cache files
  C. One or more required applications failed to respond
  D. The virtual sensor is still initializaing
  B. The IPS Engine is busy building cache files