New VCE and PDF– If you want to pass Cisco 350-018 exam successfully,do not miss to test Cisco latest Cisco 350-018 brain dumps.All Cisco 350-018 the new questions and answers were timely added, visit Flydumps.com to free download VCE player and PDF files.
QUESTION 66
Which three of these are true statesments about?(choose three)
A. It is a secure protocol encapsulated within SSL
B. It is a more recent version of SSl
C. It allows for client authentication via certificates
D. If a third-party(man i-the-middle) observes the entire handshake bwtween clinet and server. The third-party can decrypt the encrypted data the passes between them
E. It can be used to secure SIP
F. It cannot be used for HTTPS
Correct Answer: BCE
QUESTION 67
All of these tools are available from the Cisco IPS manager Express(Cisco IME) GUI except which one?
A. WHOIS
B. Traceroute
C. Telnet
D. DNS lookup
E. ping
Correct Answer: C
QUESTION 68
When a client that is configured for DHCP is powered on and requests an IP address, which is the first DHCP message the client sends?
A. DHCP Acknowledgement
B. DHCP Request
C. DHCP Discovery
D. DHCP inform
E. DHCP Offer
Correct Answer: C
QUESTION 69
Which two of these properties does the UDP protocol itself provide? (Choos two)
A. reliable delivery of data
B. data rate negotiation
C. checksum to prevent data errors
D. preventation of data interception
E. efficient data transfer
Correct Answer: CE
QUESTION 70
Referring to the debug output shown below, what is causing the IKE Main Mode failure? 1d00h: ISAKMP
(0:1): atts are not acceptable. Next payload is 0 1d00h: ISAKMP (0:1): no offers accepted!
1d00h: ISAKMP (0:1): SA not acceptable!
1d00h: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Main Mode failed with peer at 150.150.150.1
A. The Crypto ACL is not a mirror image of the peer.
B. The IKE Phase I policy does not match on both sides.
C. The IPSec transform set on the peers do not match.
D. The receivedIPsec packet specifies a Security Parameters Index (SPI) that does not exist in the security associations database (SADB).
E. The pre-shared keys on the peers do not match.
Correct Answer: B
QUESTION 71
ip address 192.168.2.1 255.255.255.0 ip nat inside no shutdown ! ip nat inside source list NAT interface fastEthernet0/0 overload extended ! ip access-list extended crypto _ACL permit ip 192.168.2.0 0.0.0.255 any
You issue the show crypto ipsec sa command and see that the tunnel is up, but no packets are encrypted or decrypted on either side. To test connectivity, you sourced a ping from the private interface of each router , destined to the private interface of the far-end router. You ask a VPN expert to help you troubleshoot. The expert has verified that ESP is not being blocked , and the routing is correct. After some troubleshooting, the expert makes which of these determinations?
A. The problem is with the encryption ACL. As you were testing with ICMP, you reeded to allow ICMP in both encryption ACLs Router1:permit icmp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 Router2:permit icmp 192.168.2.0
0.0.0.255 192.168.1.0 0.0.0.255
B. The problem is with the NAT ACL. VPN traffic should be denied in the NAT ACL so that the ACL looks like the following Router1: ip access-list ext NAT deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 permit ip 192.168.1.0 any Router2: ip access-list ext NAT deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 permit ip 192.168.1.0 any
C. The problem is that it is not possible to do NAT along with VPN on a XXX
D. The problem is NAT Transparency is enabled. Dxxxxxxx no crypto ipsec nat-transparency udp-encapsulation.
Correct Answer: B
QUESTION 72
Which of these authentication combinations would provide the highest level of security for an IPsec remote-access VPN client?
A. pre-shared key and xauth (RADIUS server)
B. certificate and xauth (local server)
C. certificate and xauth (RSA SecurID token)
D. pre-shared key and xauth (RSA SecurID token)
E. pre-shared key and xauth (local server)
F. certificate and xauth (RADIUS server)
Correct Answer: C
QUESTION 73
What does this log message indicate? 4w6d: %PM-4-ERR_DISABLE: Psecure-Violation Error Detected on Gi3/2, Putting Gi3/2 in Err-Disable State
A. The port has been disabled because the traffic rate limit has been exceeded.
B. The port has been temporarily disabled because the broadcast packet limit has been exceeded.
C. The port has been disabled because the MAC address limit has been exceeded.
D. The port has been disabled due to a DHCP OFFER packet.
E. The port has been disabled due to detection of a gratuitous ARP packet.
F. The port has been disabled due to an invalid MAC address.
Correct Answer: F
QUESTION 74
You work as a network engineer, study the exhibit carefully. Your company has just configured Cisco security appliance between R1 and R2 to enhance security and apply advanced protocol inspection. Unluckily, BGP stopped working after inserting the appliance in the network. How to restore BGP connectivity? (Choose three.)
A. Configure BGP on the security appliance as an IBGP peer to R1 and R2 in AS 65500.
B. Configure a static NAT translation to allow inbound TCP connections from R2 to R1.
C. Configure an ACL on the security appliance allowing TCP port 179 between R1 and R2.
D. Configure a static route on R1 and R2 using the appliance inside and outside interfaces as gateways.
Correct Answer: BCD
QUESTION 75
What Cisco Switch feature best protects against CAM table overflow attacks?
A. CAM table size definition
B. Storm Control
C. Port security
D. Network Based Application Recognition
E. IP spoof prevention
Correct Answer: C
QUESTION 76
When configuring an intrusion prevention sensor in promiscuous mode what type of malicious traffic can NOT be stopped?
A. Atomic attacks (single packet attacks)
B. Teardrop attacks
C. All of the above
D. Sweep reconnaissance (such as ICMP sweeps)
E. Flood attacks
Correct Answer: A
QUESTION 77
Asymmetric and symmetric ciphers differ in which of the following way(s)? (Choose two)
A. Asymmetric ciphers use public and private keys.
B. Symmetric ciphers are faster to compute.
C. Asymmetric ciphers are faster to compute.
D. Asymmetric ciphers use pre-shared keys.
Correct Answer: AB
QUESTION 78
Which algorithms did TKIP add to the 802.11 specification? (Choose 3)
A. cyclic redundancy check
B. AES-based encryption
C. key mixing
D. message integrity check
E. anti-replay sequence counter
Correct Answer: CDE
QUESTION 79
Low and slow reconnaissance scans used to gain information about a system to see if it is vulnerable to an attack can be stopped with which of the following Cisco products?
A. ASAsyn protection
B. ASA ICMP application inspection.
C. CSA quarantine lists.
D. IPSsyn attack signatures.
E. Cisco Guard
Correct Answer: C
QUESTION 80
ASDM on the ASA platform is executed as:
A. A fully operational Visual Basicapplicaton.
B. An active-x application or a java script application.
C. A java applet running in the context of your browser or a stand alone application using the java run-time environment.
D. A java script application and a PHP application
E. A fully compiled NET frameworkapplicaton.
Correct Answer: C
QUESTION 81
Which of the following signatures was created by an IPS adminisrator using the custom signature creation capability of IPS?
A. 2000 – ICMP Echo Reply
B. 3050 – Half-open SYN attack
C. 12000 – Gator Spyware Beacon
D. 9000 – TCP Backdoor Probe.
E. 6000-BitTorrent File Download.
Correct Answer: E
QUESTION 82
Which of these is the best way to provide sender non-repudiation?
A. secure hash
B. SSL
C. pre-shared key
D. RSA signature
Correct Answer: D
QUESTION 83
What statement is true concerning PAT?
A. PAT provides access control.
B. PAT is the preferred method to map servers to external networks.
C. PAT rewrites the source address and port.
D. PAT keeps ports but rewrites address.
Correct Answer: C
QUESTION 84
When configuring IOS firewall (CBAC) operations on Cisco routers, the “inspectin rule” could be applied at which two locations? (Choose two.)
A. at theuntrusted interface in the outbound direction
B. at the trusted interface in the inbound direction
C. at the trusted anduntrusted interface in the inbound direction
D. at the trusted interface in the outbound direction
E. at theuntrusted interface in the inbound direction
F. at the trusted anduntrusted interface in the outbound direction
Correct Answer: AB
QUESTION 85
With the Cisco’s IOS Authentication Proxy feature, users can initiate network access via which three protocols? (Choose three)
A. HTTP/HTTPS
B. L2TP
C. TELNET
D. IPSec
E. SSH
F. FTP
Correct Answer: ACF Exam B
QUESTION 1
Which four of these areas can be characterized for network risk assessment testing methodology? (Choose four)
A. Router hostname and IP addressing scheme
B. Router filtering rules
C. Route optimization
D. Database connectivity and RTT
E. Weak authentication mecharisms
F. Improperly configured email servers
G. Potential web server exploits
Correct Answer: BEFG
QUESTION 2
What does the “authoritative” flag in the show ip nhrp command output indicate?
A. It indicates that information was learned from the source mapping information of an NHRP resolution request received by the local router or from an NHRP resolution packet being forwarded through the local router.
B. It indicates an NHRP mapping entry for networks local to this router for which this router has answered an NHRP resolution request
C. It indicates that the NHRP information was obtained from the next-hop server or router that maintains the NBMA-to-IP address mapping for a particular destination
D. It indicates that this NHRP mapping entry must be unique; it cannot be overwritten with a mapping entry that has the same IP address but a different NBMA address.
Correct Answer: C
QUESTION 3
Refer to the exhibit From the ASDM NAT Rules table, inside host 10.1.0.4 is translated to which IP address on the outside?
A. 203.0.113.254
B. 192.168.3.3
C. 192.168.3.4
D. 203.0.113.113
E. 203.0.113.114
Correct Answer: E
QUESTION 4
Unicast Reverse Path Forwarding(Uncast RPF) is a protection mechanism that can be used against which of these?
A. TCP session hijacking attacks
B. Brute-force attacks
C. Teardrop attacks
D. Password attacks
E. Birthday attacks
F. Spoofing attacks
Correct Answer: F
QUESTION 5
You run the show ipv6 port-map telnet command and you see that the port 23 (system-defined) message and the port 223 (user-defined) message are displayed. Which command is in the router configuration?
A. Ipv6 port-map port telnet 223
B. Ipv6 port-map port 23 port 23223
C. Ipv6 port-map telnet port 23 223
D. Ipv6 port-map telnet port 223
Correct Answer: D
QUESTION 6
Which three of these are among the implicit IPv6 ACL rules in Cisco IOS allowing ICMPv6 neighbor discovery? (Choose three)
A. permit icmp any any nd-na
B. deny icmp any any nd-na
C. permit icmp any any nd-ns
D. deny icmp any any nd-nn
E. permit ipv6 any any
F. deny ipv6 any any
Correct Answer: ACF
QUESTION 7
Hypertext Transfer Protocol (HTTP) version 1.1 introduced several improvements over HTTP 1.0, which resulted in improved performance (faster page displays) for end users. Which three of these of these enhancements were added to the HTTP 1.1 protocol over the HTTP 1.0 protocol? (Choose three)
A. GET requests
B. Persistent connections
C. Selective acknowledgements
D. Chunked encoding
E. HTTP pipelining
Correct Answer: BDE
QUESTION 8
What is the default TCP port used to remotely manage a Cisco Secure ACS v4.x software application server?
A. 2000
B. 2001
C. 2002
D. 2005
E. 2020
Correct Answer: C
QUESTION 9
Before you can configuration Professional, you must do what?
A. Create a default password, and then attach it to the router list in the community map
B. Create a community, and then add devices to that community
C. Create a discovery map, and then bind this map to the community
D. Create a hostname-to-IP-address mapping, and then add this map reference in the community
Correct Answer: B
QUESTION 10
Which two of these correctly describe the following command?(Choose two) Aaa authentication ppp user-radius if-needed group radius
A. RADIUS authentication will be used for lines using PPP with CHAP only
B. RADIUS authentication will be used for lines using PPP with CHAP or PAP
C. RADIUS authentication is not performed if the user has been authenticated/authorized
D. If the action returns an error, the user will be allowed access without authentication
E. The user radius keyword specifies that all RADIUS servers are to be used
Correct Answer: BC
QUESTION 11
Which three of these are security properties that TLS v1 .2 provides?(Choose three)
A. Confidentiality
B. Integrity
C. Availability
D. Authentication
E. Authorization
Correct Answer: ABD
QUESTION 12
Which three of these are performed by both RADIUS and TACACS+ servers?(choose three)
A. Login authentication
B. EXEC authorization
C. Command authorization
D. EXEC accounting
E. Command accounting
Correct Answer: ABD
QUESTION 13
In the context of Cisco Configuration Professional, to discover a router means to establish a session to the router using either secure or nonsecure means, do which of the following, and populate a screen with the information obtained?
A. read the configuration present in the router
B. read the IOS version in the router
C. read the interface(s) information in the router
D. read the CPU information in the router
E. check if the router is UP or Down
Correct Answer: A
QUESTION 14
When a failover takes place on an adaptive security appliance configured for failover, all active connections are dropped and clients must reestablish their connections, unless the adaptive security appliance is configured in which two of the following ways?(Choose two)
A. active/standby failover
B. active/active failover
C. active/active failover and a state failover link has been configured
D. active/standby failover and a state failover link has been configured
E. to use a serial cable as the failover link F LAN-based failover
Correct Answer: CD QUESTION 15
What is the main purpose of FlexConfig in Cisco Security Manager?
A. to share configuration between multiple devices
B. to configure device commands that are not supported by Cisco Security Manager
C. to duplicate/clone basic configuration of a device
D. to merge multiple policies into a simplified view
E. to configure complex commands for a device
Correct Answer: B
QUESTION 16
The communication between Cisco Configuration Professional and a Cisco router is secured using which of these?
A. IPsec
B. ESP
C. SSL
D. GDOI
E. Cisco proprietary encryption
Correct Answer: C
QUESTION 17
Which of these is a core function of the risk assessment process?
A. performing regular network upgrades
B. performing network optimization
C. performing network posture validation
D. establishing network baselines
E. performing network roll-outs
Correct Answer: D
QUESTION 18
Which two of these statements about SMTP and ESMTP are the most correct?(Choose two)
A. Open mail relays are often used for spamming
B. ESMTP does not provide more security features than SMTP
C. SMTP provides authenticated e-mail sending
D. Worms often spread via SMTP
Correct Answer: AD
QUESTION 19
Which two of these are valid TACACS+ Accounting packets?(Choose two)
A. REQUEST
B. REPLY
C. RESPONSE
D. CONTINUE
E. START
Correct Answer: AC
QUESTION 20
Using FTP passive mode, after the client opens the command channel (port 21) to the FTP server and requests passive mode, what will be the next step?
A. The FTP server sends back an acknowledgment (ACK) to the client
B. The FTP server allocates a port to use for the data channel and transmit that port number to the client
C. The FTP server opens the data channel to the client using the port number indicated by the client
D. The FTP client opens the data channel to the FTP server on Port 20
E. The FTP client opens the data channel to the FTP server on Port 21
Correct Answer: B
QUESTION 21
All of these correctly describe SNMPv3 except which one?
A. does not provide any protection against denial of service attacks
B. provides a mechanism for verification that messages have not been altered in transit
C. requires the use of NTP to correctly synchronize timestamps and generate public/private key pairs used for encryption of messages
D. provides a mechanism for verivication of the identily of the device that generated the message E includes timeliness indicators in each message so the receiving SNMP engine can determine if it was sent recently
Correct Answer: C
QUESTION 22
A DNS open resolver is vulnerable to which three of these malicious activities?(choose three)
A. cache poisoning attack
B. amplification attack
C. ping of death attack
D. resource utilization attack
E. Blue screen of death
F. nachi worm attack
Correct Answer: ABD
QUESTION 23
Which of these statements best describes the advantage of using cisco secure desktop which is part of the cisco ASA VPN solution?
A. Secure desktop will create a completely separate computing environment that will be deleted when you are done. This ensures that no confidential data has been left on the shared/public computer.
B. Secure desktop is used to protect access to your registry and system files when browsing to SSL/VPN protected pages.
C. Secure Desktop ensures that an SSL protected password cannot be exploited by a main in the middle attack using a spoofed certificate.
D. Secure desktop hardens the operating system of the machines you are using at the time secure desktop is launched.
Correct Answer: A
QUESTION 24
For a router to obtain a certificate from a CA (Certificate Authority) , what is the first step of the certificate enrollment process ?
A. the router generates a certificate request and forwards it to the CA
B. the router generates an RSA key pair
C. the router sends its public key to the CA
D. the CA sends its public key to the router
E. the CA verifies the identity of the router
F. the CA generates a certificate request and forwards it to the router
Correct Answer: B
QUESTION 25
What is the default username and password set for cisco security deyice manager(SDM)?
A. sdm/sdm
B. sdm/cisco
C. cisco/sdm
D. cisco/cisco
E. cisco/cisco123
Correct Answer: D
QUESTION 26
The BPDU guard feature disables which kind of port when the port receives a BPDU packet?
A. any port
B. nonegotiate port
C. access port
D. portfast port
E. root port
Correct Answer: D
QUESTION 27
Refer to the exhibit the exhibit illustrates which type of attack?
A. virus infection
B. worm propagation
C. port scanning D. denial of service (Dos)
E. distributed Dos (DDos)
Correct Answer: E
QUESTION 28
All of these phases of the Security Incident Response methodology except which one?
A. planning
B. preparation
C. identification
D. classification
E. reaction
F. restructuring
G. post-mortem
Correct Answer: F
QUESTION 29
Which four routing protocols are supported when using Cisco Configuration Professional? (Choose four.)
A. RIPv1
B. RIPv2
C. IGRP
D. EIGRP
E. OSPF
F. BGP
Correct Answer: ABDE
QUESTION 30
Refer to the exhibit. Switch SW2 has just been added to Fa0/23 on SW1. After a few seconds, interface Fa0/23 on SW1 is placed in the error-disabled state. SW2 is removed from port Fa0/23 and inserted into SW1 port Fa0/22 with the same result. What is the most likely cause of this problem?
A. The Spanning-tree PortFast feature has been conigured on SW1.
B. BPDU filtering has been enable either globally or on the interfaces of SW1.
C. The BPDU guard feature has been enabled on the FastEthernet interfaces of SW1.
D. The FastEthernet interfaces of SW1 are unable to autonegotiate speed and duplex with SW2.
E. PAgP is unable to correctly negotiate VLAN trunk characteristics on the link between SW1 and SW2
Correct Answer: C
QUESTION 31
Application layer protocol inspection is available for the Cisco ASA 5500 Series Adaptive Security Appliance. This feature performs which type of action on traffic traversing the firewall?
A. classification and policing (for QoS)
B. deep packet inspection
C. flexible packet matching
D. reverse path forwarding
E. remote triggering of a black hole
Correct Answer: B
QUESTION 32
Which two of these are true about TFTP? (Choose two.)
A. TFTP includes a basic username/password authentication mechasim.
B. While “putting” files via TFTP is possible. It is good practice to disallow it, because TFTP lacks access control mechanisms.
C. TFTP uses a very basic “stop and wait” mechanism for flow control, for which each packet needs to be acknowledged before the next one is sent.
D. TFTP root directories need to be world-readable and -writable due to the lack of security controls in the protocol.
E. TFTP can list remote directory contents, but only if advanced options (as defined in RFC 2347) are negotiated between client and server at initial connection time.
Correct Answer: BC
QUESTION 33
Routing loops can occurs in distance vector routing protocols if the network has inconsistent routing entries. Which three of these methods can be used to avoid them? (Choose three.)
A. split horizon
B. route poisoning
C. route suppression
D. route splitting
E. hold-down timers
Correct Answer: ABE
QUESTION 34
CustomerA has set up a central syslog server to receive all syslog messages from its routers. The IP address of this central server is 1.1.1.1, and the customer wants all messages of level “error” and above to be sent there. In addition, it wants all messages of level “warning” and above to be stored locally on the router. Assuming logging is already enabled, which three commands on the router would accomplish these goals? ( Choose three.)
A. logging host 1.1.1.1 level errors
B. logging buffered warnings
C. logging device 1.1.1.1
D. logging buffer enable
E. logging host 1.1.1.1
F. logging facility local-buffer
G. logging trap errors
Correct Answer: BEG
QUESTION 35
When using Cisco Easy VPN Remote (hardware client deployment) in the client-mode setup, all of the following statements are correct except which one?
A. Perform split tunneling on the Cisco Easy VPN Remote device.
B. Initiate a connection from a network behind the Cisco Easy VPN Server to the network behind the Cisco Easy VPN Remote client.
C. Set the Cisco Easy VPN Remote to allow an administrator or user to manually initiate a connection.
D. Set the Cisco Easy VPN Remote to automatically connect to the Cisco Easy VPN Serer.
Correct Answer: B
QUESTION 36
Which three of these are properties of the Authentication Header (AH) protocol?(choose three)
A. Provides data integrity
B. Provides data confidentiality
C. Provides data authentication
D. Use IP protocol number 50
E. Optionally provides replay protection
Correct Answer: ACE
QUESTION 37
Which two of these statements regarding Authentication Header (AH) are true?(choose two)
A. AH requires the use of Encapsulation Security Payload (ESP) to work correctly
B. AH provides authentication for most of the “outer” IP header, as well as the upper layer protocols
C. AH can be deployed in tunnel mode only
D. AH is not commonly used, because it can only encrypt the original packet using a DES encryption algorithm.
E. AH will work through a NAT (one-to-one) device, but not through a PAT(one-to-many) device
F. AH use an IP protocol number of 51
Correct Answer: BF
QUESTION 38
DNS Security Extension (DNSSEC) adds security functionality to the Domain Name System for which three purposes? (Choose three)
A. Origin authentication of DNS data
B. Protection against denial of service (DoS) attacks
C. Integrated data encryption using ESP
D. Inclusion of the authorization flag in the DNS lookup
E. Providing of confidentiality of data
F. Data integrity
Correct Answer: ADF QUESTION 39
What is the net effect of using ICMP type 4 messages to attack RFC 1122-compliant hosts?
A. Hosts will perform a .soft. TCP reset and restart the connection.
B. Hosts will perform a .oehard. TCP reset and tear down the connection
C. Hosts will reduce the rate at which they inject traffic into the network
D. Hosts will redirect packets to the IP address indicated in the ICMP type 4 message
E. Hosts will retransmit the last frame sent prior to receiving the ICMP type 4 message
Correct Answer: C
QUESTION 40
All of these are available from Cisco IPS Device Manager (Cisco IDM) except which one?
A. Interface Status
B. Global Correlation Reports
C. Sensor Information
D. CPU, Memory, and Load
E. Top Signatures
F. Top Applications
Correct Answer: E
QUESTION 41
Which three of these protocols are supported when using TACACS+?(choose three)
A. Apple Talk
B. CHAP
C. NASI
D. NetBIOS
E. Kerberos
Correct Answer: ACD
QUESTION 42
Which are the three benefits of Cisco IPS Manager Express (Cisco IME) compared to Cisco IPS Device Manager (Cisco IDM) ? (Choose three)
A. Advanced Cisco IPS signatures can be configured with Cisco IME, while only base Cisco IPS signatures can be configured with Cisco IDM.
B. Cisco IME can manage up to 10 Cisco IPS device while Cisco IDM can only manage a single Cisco IPS device.
C. A live RSS feed for cisco security alert can be set up on Cisco IME, but not on Cisco IDM.
D. The sensor health dashboard can only be viewed on Cisco IME, not on Cisco IDM
E. Email notification can be set from Cisco IME if an event is being triggered by Cisco IPS, but cannot be sent from Cisco IDM
F. Automatic signature updating can can only be provisioned from Cisco IME, not from Cisco IDM.
Correct Answer: BCE
QUESTION 43
Identity NAT translates which of these?
A. The source IP address to the interface IP address
B. The local IP address to a global IP address
C. An IP address to itself
D. The destination IP address to an RFC 1918 address
E. The local IP address to a DNS-resolved IP address
F. The global IP address to a local IP address
Correct Answer: C
QUESTION 44
Which two of these commands are required to implement a Cisco Catalyst 6500 Series Firewall Services Module (FWSM) in a Catalyst 6500 running Cisco IOS?(Choose two).
A. firewall multiple-vlan-interfaces
B. firewall module xvlan-groupy
C. Module xsecure-traffic
D. Firewall vlan-groupy <vlan-x>
E. Firewall module xsecure-traffic
Correct Answer: BD
QUESTION 45
Which of these statements is true about EIGRP?
A. It conserves network bandwidth by using periodic, incremental updates to propagate network changes to its neighbors
B. It can install up to eight equal-cost paths to a given destination in its routing table
C. It is possible for two EIGRP routers to become neighbors even if the hello and hold timers do not match.
D. EIGRP updates can be sent between two discontinuous autonomous systems via a virtual link.
E. EIGRP packets can be both authenticated and encrypted to ensure that the information exchange is reliable and confidential
Correct Answer: A
QUESTION 46
In ISO 27001 ISMS, which three of these certification process phases are required to collect information for ISO 27001? (Choose three.)
A. discover
B. certification audit
C. post-audit
D. observation
E. pre-audit
F. major compliance
Correct Answer: BCE
QUESTION 47
The Internet Engineering Task Force (IETF) is a collaborative effort by the international community of Internet professionals to improve the design.use,and management of the Internet. Which international organization charters the activity of IETF?
A. IANA
B. ISO
C. ISOC
D. RIR
E. IEC
Correct Answer: C QUESTION 48
When configuring a Cisco adaptive security appliance in multiple context mode, which one of these capabilities is supported?
A. multicast
B. dynamic routing protocols
C. VPN configurations
D. static routes
Correct Answer: D
QUESTION 49
What is the main purpose of a denial of service attack?
A. unauthorized data manipulation
B. the gaining of system access
C. privilege escalation on a victim or compromised host
D. impeding of the availability of a resource to authorized users
E. unauthorized discovery and mapping of systems, services, or vulnerabilities
Correct Answer: D
QUESTION 50
When sending an e-mail message using Simple Mail Transfer(SMTP),the client must signal to the mail server that the message is complete by terminating the message with which of these?
A. END
B. SEND
C. <CR><F>
D. <CR><LF>.<CR><LF>
E. CTRL+C
Correct Answer: D
Flydumps Cisco 350-018 exam dumps are audited by our certified subject matter experts and published authors for development. Flydumps Cisco 350-018 exam dumps are one of the highest quality Cisco 350-018 Q&As in the world. It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass Cisco 350-018 exam at first attempt.