Cisco 351-018 Online Practice Questions and Exam Preparation

Cisco 351-018 Online Questions & Answers

• Question 331:

  Which protocol can be used to encrypt traffic sent over a GRE tunnel?

  A. SSL
  B. SSH
  C. IPsec
  D. DH
  E. TLS
  C. IPsec

• Question 332:

  Which two security measures are provided when you configure 802.1X on switchports that connect to corporate-controlled wireless access points? (Choose two.)

  A. It prevents rogue APs from being wired into the network.
  B. It provides encryption capability of data traffic between APs and controllers.
  C. It prevents rogue clients from accessing the wired network.
  D. It ensures that 802.1x requirements for wired PCs can no longer be bypassed by disconnecting the AP and connecting a PC in its place.
  A. It prevents rogue APs from being wired into the network.
  D. It ensures that 802.1x requirements for wired PCs can no longer be bypassed by disconnecting the AP and connecting a PC in its place.

• Question 333:

  Refer to the exhibit.

  

  Which statement correctly describes the configuration?

  A. The configuration is the super view configuration of role-based access control.
  B. The configuration would not work unless the AAA server is configured for authentication and authorization.
  C. The exec commands in the configuration will be excluded from the test view.
  D. The configuration is the CLI configuration of role-based access control.
  D. The configuration is the CLI configuration of role-based access control.

• Question 334:

  DRAG DROP

  Select and Place:

  

  

• Question 335:

  Which two EAP methods may be susceptible to offline dictionary attacks? (Choose two.)

  A. EAP-MD5
  B. LEAP
  C. PEAP with MS-CHAPv2
  D. EAP-FAST
  A. EAP-MD5
  B. LEAP

• Question 336:

  Refer to the exhibit.

  

  Which statement about this Cisco Catalyst switch 802.1X configuration is true?

  A. If an IP phone behind the switch port has an 802.1X supplicant, MAC address bypass will still be used to authenticate the IP Phone.
  B. If an IP phone behind the switch port has an 802.1X supplicant, 802.1X authentication will be used to authenticate the IP phone.
  C. The authentication host-mode multi-domain command enables the PC connected behind the IP phone to bypass 802.1X authentication.
  D. Using the authentication host-mode multi-domain command will allow up to eight PCs connected behind the IP phone via a hub to be individually authentication using 802.1X.
  B. If an IP phone behind the switch port has an 802.1X supplicant, 802.1X authentication will be used to authenticate the IP phone.

• Question 337:

  What is the purpose of the OCSP protocol?

  A. checks the revocation status of a digital certificate
  B. submits a certificate signing request
  C. verifies a signature of a digital certificate
  D. protects a digital certificate with its private key
  A. checks the revocation status of a digital certificate

• Question 338:

  Which VTP mode allows the Cisco Catalyst switch administrator to make changes to the VLAN configuration that only affect the local switch and are not propagated to other switches in the VTP domain?

  A. transparent
  B. server
  C. client
  D. local
  E. pass-through
  A. transparent

• Question 339:

  Which four types of VPN natively provide encryption of user traffic? (Choose four.)

  A. MPLS
  B. IPsec
  C. L2TPv3
  D. SSL
  E. VPLS
  F. AToM
  G. GETVPN
  H. Microsoft PPTP
  B. IPsec
  D. SSL
  G. GETVPN
  H. Microsoft PPTP

• Question 340:

  Which common FTP client command transmits a direct, byte-for-byte copy of a file?

  A. ascii
  B. binary
  C. hash
  D. quote
  E. glob
  B. binary