Cisco 350-018 Online Practice Questions and Exam Preparation

Cisco 350-018 Online Questions & Answers

• Question 461:

  Refer to the exhibit.

  

  What is the effect of the given ACL Policy?

  A. The policy will deny all ipv6 eBGP session
  B. The policy will deny all ipv6 routed packets
  C. The policy will disable ipv6 source routing
  D. The policy will deny all ipv6 routing packet
  C. The policy will disable ipv6 source routing

• Question 462:

  An RSA key pair consists of public key and private key and is used to set up PKI. Which statement applies to RSA and PKI?

  A. It is possible to determine the RSA key-pair private key from it's corresponds public key
  B. The public key must be include in the certificate enrollment request
  C. When a router that does not have an RSA key pair request a certificate, the certificate request is sent, but a warning is show to generate the RSA key pair before a CA signed certificate is received
  D. the RSA key-pair is a symmetric cryptography
  C. When a router that does not have an RSA key pair request a certificate, the certificate request is sent, but a warning is show to generate the RSA key pair before a CA signed certificate is received

• Question 463:

  You have been asked to configure a Cisco ASA appliance in multiple mode with these settings:

  A. You need two customer contexts, named contextA and contextB.
  B. Allocate interfaces G0/0 and G0/1 to contextA.
  C. Allocate interfaces G0/0 and G0/2 to contextB.
  D. The physical interface name for G0/1 within contextA should be "inside".
  E. All other context interfaces must be viewable via their physical interface names. If the admin context is already defined and all interfaces are enabled, which command set will complete this configuration?
  F. context contextA config-url disk0:/contextA.cfg allocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextB config-url disk0:/contextB.cfg allocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/2 visible
  G. context contexta config-url disk0:/contextA.cfg allocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextb config-url disk0:/contextB.cfg allocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/2 visible
  H. context contextA config-url disk0:/contextA.cfg allocate-interface GigabitEthernet0/0 invisible allocate-interface GigabitEthernet0/1 inside context contextB config-url disk0:/contextB.cfg allocate-interface GigabitEthernet0/0 invisible allocate-interface GigabitEthernet0/2 invisible
  I. context contextA config-url disk0:/contextA.cfg allocate-interface GigabitEthernet0/0 allocate-interface GigabitEthernet0/1 inside context contextB config-url disk0:/contextB.cfg allocate-interface GigabitEthernet0/0 allocate-interface GigabitEthernet0/2
  J. context contextA config-url disk0:/contextA.cfg allocate-interface GigabitEthernet0/0 visible allocate-interface GigabitEthernet0/1 inside context contextB config-url disk0:/contextB.cfg allocate-interface GigabitEthernet0/1 visible allocate-interface GigabitEthernet0/2 visible
  A. You need two customer contexts, named contextA and contextB.

• Question 464:

  Which three statements are true about the Cisco NAC Appliance solution? (Choose three.)

  A. In a Layer 3 OOB ACL deployment of the Cisco NAC Appliance, the discovery host must be configured as the untrusted IP address of the Cisco NAC Appliance Server.
  B. In a Cisco NAC Appliance deployment, the discovery host must be configured on a Cisco router using the "NAC discovery-host" global configuration command.
  C. In a VRF-style OOB deployment of the Cisco NAC Appliance, the discovery host may be the IP address that is on the trusted side of the Cisco NAC Appliance Server.
  D. In a Layer 3 IB deployment of the Cisco NAC Appliance, the discovery host may be configured as the IP address of the Cisco NAC Appliance Manager.
  A. In a Layer 3 OOB ACL deployment of the Cisco NAC Appliance, the discovery host must be configured as the untrusted IP address of the Cisco NAC Appliance Server.
  C. In a VRF-style OOB deployment of the Cisco NAC Appliance, the discovery host may be the IP address that is on the trusted side of the Cisco NAC Appliance Server.
  D. In a Layer 3 IB deployment of the Cisco NAC Appliance, the discovery host may be configured as the IP address of the Cisco NAC Appliance Manager.

• Question 465:

  What port has IANA assigned to the GDOI protocol?

  A. UDP 4500
  B. UDP 500
  C. UDP 848
  D. UDP 1812
  C. UDP 848

• Question 466:

  What is the function of this command?

  switch(config-if)# switchport port-security mac-address sticky

  A. It allows the switch to restrict the MAC addresses on the switch port, based on the static MAC addresses configured in the startup configuration.
  B. It allows the administrator to manually configure the secured MAC addresses on the switch port.
  C. It allows the switch to permanently store the secured MAC addresses in the MAC address table (CAM table).
  D. It allows the switch to perform sticky learning, in which the dynamically learned MAC addresses are copied from the MAC address table (CAM table) to the startup configuration.
  E. It allows the switch to dynamically learn the MAC addresses on the switch port, and the MAC addresses will be added to the running configuration
  E. It allows the switch to dynamically learn the MAC addresses on the switch port, and the MAC addresses will be added to the running configuration

• Question 467:

  Which three statements about the Cisco IPS sensor are true? (Choose three.)

  A. You cannot pair a VLAN with itself.
  B. For a given sensing interface, an interface used in a VLAN pair can be a member of another inline interface pair.
  C. For a given sensing interface, a VLAN can be a member of only one inline VLAN pair, however, a given VLAN can be a member of an inline VLAN pair on more than one sensing interface.
  D. The order in which you specify the VLANs in a inline pair is significant.
  E. A sensing interface in inline VLAN pair mode can have from 1 to 255 inline VLAN pairs.
  A. You cannot pair a VLAN with itself.
  C. For a given sensing interface, a VLAN can be a member of only one inline VLAN pair, however, a given VLAN can be a member of an inline VLAN pair on more than one sensing interface.
  E. A sensing interface in inline VLAN pair mode can have from 1 to 255 inline VLAN pairs.

• Question 468:

  Which three authentication types does OSPF support? (Choose three.)

  A. Null
  B. Plaintext
  C. MD5
  D. PAP
  E. PEAP
  F. MS-CHAP
  A. Null
  B. Plaintext
  C. MD5

• Question 469:

  Refer to the exhibit.

  

  Which option describes the behavior of this configuration?

  A. The switch initiates the authentication.
  B. The client initiates the authentication.
  C. The device performs subsequent IEEE 802.1X authentication if it passed MAB authentication. If the device fails IEEE 802.1X, it will start MAB again.
  D. Devices that perform IEEE 802.1X should be in the MAC address database for successful authentication.
  E. IEEE 802.1x devices must first authenticate via MAB to perform subsequent IEEE 802.1X authentication. If 802.1X fails, the device is assigned to the default guest VLAN.
  C. The device performs subsequent IEEE 802.1X authentication if it passed MAB authentication. If the device fails IEEE 802.1X, it will start MAB again.

• Question 470:

  Refer to the exhibit.

  

  Which AS-PATH access-list regular expression should be applied on R2 to allow only updates that originate from AS-65001 or an AS that attaches directly to AS- 65001?

  A. ^65001_[0-9]*$
  B. _65001^[0-9]*
  C. 65001_[0.9]$
  D. ^65001_*$
  A. ^65001_[0-9]*$