Cisco 351-018 Online Practice Questions and Exam Preparation

Cisco 351-018 Online Questions & Answers

• Question 301:

  Refer to the exhibit.

  

  To configure the Cisco ASA, what should you enter in the Name field, under the Group Authentication option for the IPSec VPN client?

  A. group policy name
  B. crypto map name
  C. isakmp policy name
  D. crypto ipsec transform-set name
  E. tunnel group name
  E. tunnel group name

• Question 302:

  Which query type is required for an nslookup on an IPv6 addressed host?

  A. type=AAAA
  B. type=ANY
  C. type=PTR
  D. type=NAME-IPV6
  A. type=AAAA

• Question 303:

  Which statement about the ASA redundant interface is true?

  A. It is a logical interface that combines two physical interfaces, both of which are active.
  B. It can only be used for failover links.
  C. By default, the first physical interface that is configured in the pair is the active interface.
  D. The redundant interface uses the MAC address of the second physical interface in the pair.
  C. By default, the first physical interface that is configured in the pair is the active interface.

• Question 304:

  Which three statements about Security Group Tag Exchange Protocol are true? (Choose three.)

  A. SXP runs on UDP port 64999.
  B. A connection is established between a "listener" and a "speaker."
  C. It propagates the IP-to-SGT binding table across network devices that do not have the ability to perform SGT tagging at Layer 2 to devices that support it.
  D. SXP is supported across multiple hops.
  E. SXPv2 introduces connection security via TLS.
  B. A connection is established between a "listener" and a "speaker."
  C. It propagates the IP-to-SGT binding table across network devices that do not have the ability to perform SGT tagging at Layer 2 to devices that support it.
  D. SXP is supported across multiple hops.

• Question 305:

  Which three options are extension headers that are implemented in IPv6? (Choose three.)

  A. Routing Header.
  B. Generic Tunnel Header.
  C. Quality of Service Header.
  D. Fragment Header.
  E. Encapsulating Security Payload Header.
  F. Path MTU Discovery Header.
  A. Routing Header.
  D. Fragment Header.
  E. Encapsulating Security Payload Header.

• Question 306:

  Refer to the exhibit.

  

  If SW4 is sending superior BPDUs, where should the root guard feature be configured to preserve SW3 as a root bridge?

  A. SW4 Gi0/0 interface.
  B. Sw3 Gi0/0 interface.
  C. Sw2 Gi0/1 interface.
  D. SW2 Gi0/1 and SW3 Gi0/1
  C. Sw2 Gi0/1 interface.

• Question 307:

  Which Category to Protocol mapping for NBAR is correct?

  A. Category: Enterprise Applications Protocol: Citrix ICA, PCAnywhere, SAP, IMAP
  B. Category: Internet Protocol: FTP, HTTP, TFTP
  C. Category: Network Management Protocol: ICMP, SNMP, SSH, Telnet
  D. Category: Network Mail Services Protocol: MAPI, POP3, SMTP
  B. Category: Internet Protocol: FTP, HTTP, TFTP

• Question 308:

  A router has four interfaces addressed as 10.1.1.1/24, 10.1.2.1/24, 10.1.3.1/24, and 10.1.4.1/24. What is the smallest summary route that can be advertised covering these four subnets?

  A. 10.1.2.0/22
  B. 10.1.0.0/22
  C. 10.1.0.0/21
  D. 10.1.0.0/16
  C. 10.1.0.0/21

• Question 309:

  Which two statements correctly describes ASA resource management in multiple context mode? (Choose two.)

  A. The class sets the resource maximum limit for a context to which it belongs.
  B. A resource cannot be oversubscribed or set to be unlimited in the class.
  C. The resource limit can only be set as a percentage in the class and not as an absolute value.
  D. Context belongs to a default class if not assigned to any other class.
  E. The default class provides unlimited access for all the resources.
  A. The class sets the resource maximum limit for a context to which it belongs.
  D. Context belongs to a default class if not assigned to any other class.

• Question 310:

  Which item is not authenticated by ESP?

  A. ESP header
  B. ESP trailer
  C. New IP header
  D. Original IP header
  E. Data
  F. TCP-UDP header
  C. New IP header