cisco 350-018 mock exams
DESCRIPTION
Cisco 350-018 Mock Exams is the best way to prepare your certification. You can prepare in better way with the assistance of these mock exams prepare by skilled persons and treat this mock exams like real exams. Visit http://www.pass4sures.com/350-018.html to get latest mock examsTRANSCRIPT
Cisco 350-018
CCIE Pre-Qualification Test for SecurityVersion: Demo 5.1
Topic 1, Volume A
QUESTION NO: 1 Which two of these statements regarding Authentication Header (AH) are true? (Choose two.) A. AH requires the use of Encapsulating Security Payload (ESP) to work correctly. B. AH provides authentication for most of the "outer" IP header, as well as the upper layerprotocols. C. AH can be deployed in tunnel mode only. D. AH is not commonly used, because it can only encrypt the original packet using a DESencryption algorithm. E. AH will work through a NAT (one-to-one) device, but not through a PAT (one-to-many) device. F. AH uses an IP protocol number of 51.
Answer: B,F
Explanation:
Topic 2, Volume C
QUESTION NO: 2 Choose the correct security statements about the HTTP protocol and its use. (Choose 2) A. HTTP is often used to tunnel communication for insecure clients such as P2P. B. HTTP can provide server identification. C. HTTP is NOT often used to tunnel communication for insecure clients such as P2P. D. Cookies can not provide information about where you have been. E. Long URLs are not used to provoke buffer overflows.
Answer: A,B
Explanation:
QUESTION NO: 3 SWA has a priority of 8192 while SWB has a priority of 32768. Which switch will be root _why? A. SWA, it has the lowest priority. B. SWB, it has the highest priority.
Cisco 350-018 Exam
"A Composite Solution With Just One Click" - Certification Guaranteed 2
C. Neither, it will be determined by the lowest MAC address. D. Neither, it will be determined by the lowest cost to the root switch.
Answer: A
Explanation:
Topic 1, Volume A
QUESTION NO: 4 Which three of these Windows operating system services run automatically (are automaticallystarted upon appliance power up) on the Cisco Secure ACS Solution Engine? (Choose three.) A. Net Logon B. RunAs Service C. DHCP Client (only if the appliance is using DHCP) D. DNS Client E. Routing and Remote Access F. Windows Time
Answer: B,C,D
Explanation:
Topic 2, Volume C
QUESTION NO: 5 CSA network shield does which of the following? A. Prevents buffer overflows B. Drops malformed IP packets C. Stops your user-defined applications from responding to vulnerability scanners D. Prevents open listening network sockets E. Prevents users from entering unencrypted passwords
Answer: B
Explanation:
Cisco 350-018 Exam
"A Composite Solution With Just One Click" - Certification Guaranteed 3
Topic 3, Volume B
QUESTION NO: 6 When configuring system state conditions with the Cisco Security Agent, what is the resultingaction when configuring more than one system state condition? A. Any matching state condition will result with the state being triggered. B. Once a state condition is met, the system ceases searching further conditions and will causethe state condition to trigger. C. Once the state conditions are met, they become persistent and can only be removed using theReset feature. D. All specified state conditions are used as part of the requirements to be met to for the state totrigger.
Answer: D
Explanation:
QUESTION NO: 7 Low and slow reconnaissance scans used to gain information about a system to see if it isvulnerable to an attack can be stopped with which of the following Cisco products? A. ASA syn protection B. ASA ICMP application inspection. C. CSA quarantine lists. D. IPS syn attack signatures. E. Cisco Guard
Answer: C
Explanation:
Topic 1, Volume A
QUESTION NO: 8
Cisco 350-018 Exam
"A Composite Solution With Just One Click" - Certification Guaranteed 4
Which of these statements is true about EIGRP? A. It conserves network bandwidth by using periodic, incremental updates to propagate networkchanges to its neighbors. B. It can install up to eight equal-cost paths to a given destination in its routing table. C. It is possible for two EIGRP routers to become neighbors even if the hello and hold timers donot match. D. EIGRP updates can be sent between two discontiguous autonomous systems via a virtual link. E. EIGRP packets can be both authenticated and encrypted to ensure that the informationexchange is reliable and confidential.
Answer: A
Explanation:
QUESTION NO: 9 All of these are phases of the Security Incident Response methodology except which one? A. planning B. preparation C. identification D. classification E. reaction F. restructuring G. post-mortem
Answer: F
Explanation:
Topic 2, Volume C
QUESTION NO: 10 Which three steps are required to enable SSH Server on an IOS router? (Choose three) A. Configure a domain name B. Configure a host name C. Specifies a fingerprint that can be matched against the fingerprint of a CA certificate duringauthentication. D. Generate an RSA key pair. E. Configure the Crypto PKI trustpoint (CA) F. Import the SSH client fingerprint.
Cisco 350-018 Exam
"A Composite Solution With Just One Click" - Certification Guaranteed 5
Answer: A,B,D
Explanation:
Cisco 350-018 Exam
"A Composite Solution With Just One Click" - Certification Guaranteed 6