Cisco 351-018 Online Practice Questions and Exam Preparation

Cisco 351-018 Online Questions & Answers

• Question 111:

  Which statement describes the computed authentication data in the AH protocol?

  A. The computed authentication data is never sent across.
  B. The computed authentication data is part of a new IP header.
  C. The computed authentication data is part of the AH header.
  D. The computed authentication data is part of the original IP header.
  C. The computed authentication data is part of the AH header.

• Question 112:

  How does 3DES use the DES algorithm to encrypt a message?

  A. encrypts a message with K1, decrypts the output with K2, then encrypts it with K3
  B. encrypts a message with K1, encrypts the output with K2, then encrypts it with K3
  C. encrypts K1 using K2, then encrypts it using K3, then encrypts a message using the output key
  D. encrypts a message with K1, encrypts the output with the K2, then decrypts it with K3
  A. encrypts a message with K1, decrypts the output with K2, then encrypts it with K3

• Question 113:

  DRAG DROP

  Select and Place:

  

  

• Question 114:

  Which two current RFCs discuss special use IP addresses that may be used as a checklist of invalid routing prefixes for IPv4 and IPv6 addresses? (Choose two.)

  A. RFC 5156
  B. RFC 5735
  C. RFC 3330
  D. RFC 1918
  E. RFC 2827
  A. RFC 5156
  B. RFC 5735

• Question 115:

  An exploit that involves connecting to a specific TCP port and gaining access to an administrative command prompt is an example of which type of attack?

  A. botnet
  B. Trojan horse
  C. privilege escalation
  D. DoS
  C. privilege escalation

• Question 116:

  Which two pieces of information are communicated by the ASA failover link? (Choose two.)

  A. unit state
  B. connections State
  C. routing tables
  D. power status
  E. MAC address exchange
  A. unit state
  E. MAC address exchange

• Question 117:

  With ASM, sources can launch attacks by sending traffic to any groups that are supported by an active RP. Such traffic might not reach a receiver but will reach at least the first-hop router in the path, as well as the RP, allowing limited attacks. However, if the attacking source knows a group to which a target receiver is listening and there are no appropriate filters in place, then the attacking source can send traffic to that group. This traffic is received as long as the attacking source is listening to the group.

  Based on the above description, which type of security threat is involved?

  A. DoS
  B. man-in-the-middle
  C. compromised key
  D. data modification
  A. DoS

• Question 118:

  Which four attributes are identified in an X.509v3 basic certificate field? (Choose four.)

  A. key usage
  B. certificate serial number
  C. issuer
  D. subject name
  E. signature algorithm identifier
  F. CRL distribution points
  G. subject alt name
  B. certificate serial number
  C. issuer
  D. subject name
  E. signature algorithm identifier

• Question 119:

  What is the advantage of using the ESP protocol over the AH?

  A. data confidentiality
  B. data integrity verification
  C. nonrepudiation
  D. anti-replay protection
  A. data confidentiality

• Question 120:

  Which statement about ISO/IEC 27001 is true?

  A. ISO/IEC 27001 is only intended to report security breaches to the management authority.
  B. ISO/IEC 27001 was reviewed by the International Organization for Standardization.
  C. ISO/IEC 27001 is intend to bring information security under management control.
  D. ISO/IEC 27001 was reviewed by the International Electrotechnical Commission.
  E. ISO/IEC 27001 was published by ISO/IEC.
  C. ISO/IEC 27001 is intend to bring information security under management control.