Cisco 350-018 Online Practice Questions and Exam Preparation

Cisco 350-018 Online Questions & Answers

• Question 251:

  What is the maximum pattern length support by FPM search within a packet?

  A. 128 bytes
  B. 256 bytes
  C. 512 bytes
  D. 1500 bytes
  B. 256 bytes

• Question 252:

  

  Refer to the exhibit. What type of attack is illustrated?

  A. IP address spoofing
  B. ICMP flood C. CAM overflow
  D. ARP spoofing
  D. ARP spoofing

• Question 253:

  What are three ways you can enforce a BCP38 policy on an Internet edge device? (Choose three.)

  A. Avoid RFC 1918 internal addressing.
  B. Apply ingress filters for RFC 1918 addresses.
  C. Apply ingress ACL. Filters for BOGON routes.
  D. Implement source NAT.
  E. Implement Unicast RPF.
  F. Implement Cisco Express Forwarding.
  B. Apply ingress filters for RFC 1918 addresses.
  C. Apply ingress ACL. Filters for BOGON routes.
  E. Implement Unicast RPF.

• Question 254:

  What technique can an attacker use to obfuscate a malware application payload, allowing it to bypass standard security mechanisms?

  A. BASE64
  B. steganography
  C. a PE32 header
  D. decryption
  E. Teredo tunneling
  B. steganography

• Question 255:

  What are three protocols that support Layer 7 class maps and policy maps for zone-based firewalls?(Choose three)

  A. RDP
  B. MIME
  C. ICQ
  D. IMAP
  E. POP3
  F. IKE
  C. ICQ
  D. IMAP
  E. POP3

• Question 256:

  For what reason is BVI required in the Transparent Cisco IOS Firewall?

  A. BVI is required for the inspection of IP traffic.
  B. BVI is required if routing is disabled on the firewall.
  C. BVI is required if more than two interfaces are in the same bridge group.
  D. BVI is required for the inspection of non-IP traffic.
  E. BVI cannot be used to manage the device.
  C. BVI is required if more than two interfaces are in the same bridge group.

• Question 257:

  What is the effect of the Cisco Application Contra Engine (ACE) command ipv6 fragment min-mtu 1024?

  A. It configures the interface to fragment packets on connections with MTUs of 1024 or less.
  B. It sets the MTU to 1024 bytes for an IPv6 VLAN interface that accepts fragmented packets.
  C. It configures the interface to attempt to reassemble only IPv6 fragments that are at least 1024 bytes.
  D. It configures the interface to attempt to reassemble only IPv6 fragments that are less than 1024 bytes.
  E. It configures the interface to fragment packets on connections with MTUs of 1024 or greater.
  C. It configures the interface to attempt to reassemble only IPv6 fragments that are at least 1024 bytes.

• Question 258:

  Which statement about SNMP control plane policing is true?

  A. The SNMP management plane always has a source IP address
  B. SNMP traffic is processed via CEF in the data plane.
  C. The CoPP SNMP feature can regard and manage traffic during heavy traffic load.
  D. SNMP traps are processed by the data plane.
  C. The CoPP SNMP feature can regard and manage traffic during heavy traffic load.

• Question 259:

  Which statement about remote procedure calls is true?

  A. They can be invoked by the client and the server
  B. They can emulate different hardware specifications on a single platform
  C. They support synchronous and asynchronous requests
  D. They use a special assembly instruction set to process remote code without conflicting with other remote processes
  E. They support optimized data replication among multiple machines
  D. They use a special assembly instruction set to process remote code without conflicting with other remote processes

• Question 260:

  Which two options are operating modes of Security Group Tag (SGT) Exchange Protocol (SXP) peers? (Choose two.)

  A. listener
  B. broadcast
  C. neighbor
  D. transmitter
  E. speaker
  A. listener
  E. speaker