Cisco 350-018 Online Practice Questions and Exam Preparation

Cisco 350-018 Online Questions & Answers

• Question 571:

  Which of the following are two valid TLS message content types? (Choose two.)

  A. DynamID
  B. Application data
  C. Alert
  D. Identity
  E. Notification
  F. Proxy
  B. Application data
  E. Notification

• Question 572:

  What does the Common Criteria (CC) standard define?

  A. The current list of Common Vulnerabilities and Exposures (CVEs)
  B. The U.S standards for encryption export regulations
  C. Tools to support the development of pivotal, forward-looking information system technologies
  D. The international standards for evaluating trust in information systems and products
  E. The international standards for privacy laws
  F. The standards for establishing a security incident response system
  D. The international standards for evaluating trust in information systems and products

• Question 573:

  What mechanism does SSL use to provide confidentiality of user data?

  A. symmetric encryption
  B. asymmetric encryption
  C. RSA public-key encryption
  D. Diffie-Hellman exchange
  A. symmetric encryption

• Question 574:

  Which three statements about GDOI are true? (Choose three.)

  A. GDOI uses TCP port 848.
  B. The GROUPKEY_PULL exchange is protected by an IKE phase 1 exchange.
  C. The KEK protects the GROUPKEY_PUSH message.
  D. The TEK is used to encrypt and decrypt data traffic.
  E. GDOI does not support PFS.
  B. The GROUPKEY_PULL exchange is protected by an IKE phase 1 exchange.
  C. The KEK protects the GROUPKEY_PUSH message.
  D. The TEK is used to encrypt and decrypt data traffic.

• Question 575:

  What is the unit of measurement of the average rate of a token bucket?

  A. kilobytes per second
  B. bytes per second
  C. kilobits per second
  D. bits per second
  D. bits per second

• Question 576:

  Which two options best describe the authorization process as it relates to network access? (Choose two.)

  A. the process of identifying the validity of a certificate, and validating specific fields in the certificate against an identity store
  B. the process of providing network access to the end user
  C. applying enforcement controls, such as downloadable ACLs and VLAN assignment, to the network access session of a user
  D. the process of validating the provided credentials
  B. the process of providing network access to the end user
  C. applying enforcement controls, such as downloadable ACLs and VLAN assignment, to the network access session of a user

• Question 577:

  crypto gdoi group gdoi_group identity number 1234 server local sa receive-only sa ipsec 1 profile gdoi-p match address ipv4 120 Which statement about the above configuration is true?

  A. The key server instructs the DMVPN spoke to install SAs outbound only.
  B. The key server instructs the GDOI group to install SAs inbound only.
  C. The key server instructs the DMVPN hub to install SAs outbound only.
  D. The key server instructs the GDOI spoke to install SAs inbound only.
  B. The key server instructs the GDOI group to install SAs inbound only.

• Question 578:

  Drag the employee designation to right on role they play

  Select and Place:

  

  

• Question 579:

  When you are configuring the COOP feature for GETVPN redundancy, which two steps are required to ensure the proper COOP operations between the key servers? (Choose two.)

  A. Generate an exportable RSA key pair on the primary key server and export it to the secondary key server.
  B. Enable dead peer detection between the primary and secondary key servers.
  C. Configure HSRP between the primary and secondary key servers.
  D. Enable IPC between the primary and secondary key servers.
  E. Enable NTP on both the primary and secondary key servers to ensure that they are synchronized to the same clock source.
  A. Generate an exportable RSA key pair on the primary key server and export it to the secondary key server.
  B. Enable dead peer detection between the primary and secondary key servers.

• Question 580:

  

  Refer to exhibit. What is the effect to the given configuration?

  A. It sets the duplicated address detection Interval to 60 seconds and sets the IPv6 Neighbor solicitation Interval to 3600 milliseconds.
  B. It sets the number of neighbor solicitation messages to 60 while duplicate address detection is performed and sets the neighbor solicitation retransmission interval to 3600 milliseconds.
  C. It sets the number of neighbor solicitation messages to 60 and sets the duplicate address detection interval to 3600 seconds.
  D. It sets dulicate address detection interval to 60 seconds and sets the IPv6 neighbor reachable time to 3600 milliseconds.
  E. It sets the number of duplicate address detection attempts to 60 and sets the duplicate address detection interval to 3600 milliseconds.
  B. It sets the number of neighbor solicitation messages to 60 while duplicate address detection is performed and sets the neighbor solicitation retransmission interval to 3600 milliseconds.