Pass 350-018 Test With Passleader 350-018 Certification Dumps In First Attempt (41-60)

QUESTION 41
Aggregate global IPv6 addresses begin with which
bit pattern in the first 16-bit group?

A.    000/3
B.    001/3
C.    010/2
D.    011/2

Answer: B

QUESTION 42
Which layer of the OSI reference model typically
deals with the physical addressing of interface cards?

A.    physical layer
B.    data-link layer
C.    network
layer
D.    host layer

Answer: B

QUESTION 43
Which statement best describes a key difference
in IPv6 fragmentation support compared to IPv4?

A.    In IPv6, IP fragmentation is no longer needed because all
Internet links must have an IP MTU of 1280 bytes or greater.
B.    In IPv6,
PMTUD is no longer performed by the source node of an IP packet.
C.    In
IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD
and send packets equal to or smaller than the minimum discovered path
MTU.
D.    In IPv6, PMTUD is no longer performed by any node since the don’t
fragment flag is removed from the IPv6 header.
E.    In IPv6, IP
fragmentation is performed only by the source node of a large packet, and not by
any other devices in the data path.

Answer: E

QUESTION 44
If a host receives a TCP packet with an SEQ
number of 1234, an ACK number of 5678, and a length of 1000 bytes, what will it
send in reply?

A.    a TCP packet with SEQ number: 6678, and ACK number:
1234
B.    a TCP packet with SEQ number: 2234, and ACK number: 5678
C.    a TCP packet with SEQ number: 1234, and ACK number: 2234
D.    a TCP packet
with SEQ number: 5678, and ACK number 2234

Answer: D

QUESTION 45
A network administrator uses a LAN analyzer to
troubleshoot OSPF router exchange messages sent to all OSPF routers. To which
one of these MAC addresses are these messages sent?

A.    00-00-1C-EF-00-00
B.    01-00-5E-00-00-05
C.    01-00-5E-EF-00-00
D.    EF-FF-FF-00-00-05
E.    EF-00-00-FF-FF-FF
F.    FF-FF-FF-FF-FF-FF

Answer: B

QUESTION 46
Comparing and contrasting IKEv1 and IKEv2, which
three statements are true? (Choose three.)

A.    IKEv2 adds EAP as a method of authentication for clients;
IKEv1 does not use EAP.
B.    IKEv1 and IKEv2 endpoints indicate support for
NAT-T via the vendor_ID payload.
C.    IKEv2 and IKEv1 always ensure
protection of the identities of the peers during the negotiation
process.
D.    IKEv2 provides user authentication via the IKE_AUTH exchange;
IKEv1 uses the XAUTH exchange.
E.    IKEv1 and IKEv2 both use INITIAL_CONTACT
to synchronize SAs.
F.    IKEv1 supports config mode via the SET/ACK and
REQUEST/RESPONSE methods; IKEv2 supports only REQUEST/RESPONSE.

Answer: ADE

QUESTION 47
Which three statements about GDOI are true?
(Choose three.)

A.    GDOI uses TCP port 848.
B.    The GROUPKEY_PULL
exchange is protected by an IKE phase 1 exchange.
C.    The KEK protects the
GROUPKEY_PUSH message.
D.    The TEK is used to encrypt and decrypt data
traffic.
E.    GDOI does not support PFS.

Answer: BCD

QUESTION 48
Which three nonproprietary EAP methods do not
require the use of a client-side certificate for mutual authentication? (Choose
three.)

A.    LEAP
B.    EAP-TLS
C.    PEAP
D.    EAP-TTLS
E.    EAP-FAST

Answer: CDE

QUESTION 49
When you compare WEP to WPA (not WPA2), which
three protections are gained? (Choose three.)

A.    a message integrity check
B.    AES-based
encryption
C.    avoidance of weak Initialization vectors
D.    longer RC4
keys
E.    a rekeying mechanism

Answer: ACE

QUESTION 50
Which option shows the correct sequence of the
DHCP packets that are involved in IP address assignment between the DHCP client
and the server?

A.    REQUEST, OFFER, ACK
B.    DISCOVER, OFFER, REQUEST,
ACK
C.    REQUEST, ASSIGN, ACK
D.    DISCOVER, ASSIGN, ACK
E.    REQUEST, DISCOVER, OFFER, ACK

Answer: B


Pass 350-018 Test With Passleader 350-018 Certification Dumps In First Attempt

http://www.passleader.com/350-018.html

QUESTION 51
Which common FTP client command transmits a
direct, byte-for-byte copy of a file?

A.    ascii
B.    binary
C.    hash
D.    quote
E.    glob

Answer: B

QUESTION 52
Which option is a desktop sharing application,
used across a variety of platforms, with default TCP ports 5800/5801 and
5900/5901?

A.    X Windows
B.    remote desktop protocol
C.    VNC
D.    desktop proxy

Answer: C

QUESTION 53
Which two of the following provide protect
against man-in-the-middle attacks? (Choose two.)

A.    TCP initial sequence number randomization?
B.    TCP
sliding-window checking
C.    Network Address Translation
D.    IPsec
VPNs
E.    Secure Sockets Layer

Answer: DE

QUESTION 54
An exploit that involves connecting to a
specific TCP port and gaining access to an administrative command prompt is an
example of which type of attack?

A.    botnet
B.    Trojan horse
C.    privilege
escalation
D.    DoS

Answer: C

QUESTION 55
When configuring an Infrastructure ACL (iACL) to
protect the IPv6 infrastructure of an enterprise network, where should the iACL
be applied??

A.    all infrastructure devices in both the inbound and
outbound direction
B.    all infrastructure devices in the inbound
direction
C.    all infrastructure devices in the outbound direction
D.    all parameter devices in both the inbound and outbound direction
E.    all
parameter devices in the inbound direction
F.    all parameter devices in the
outbound direction

Answer: E

QUESTION 56
What feature on the Cisco ASA is used to check
for the presence of an up-to-date antivirus vendor on an AnyConnect client?

A.    Dynamic Access Policies with no additional
options
B.    Dynamic Access Policies with Host Scan enabled
C.    advanced endpoint assessment
D.    LDAP attribute maps obtained from
Antivirus vendor

Answer: B

QUESTION 57
What type of attack consists of injecting
traffic that is marked with the DSCP value of EF into the network?

A.    brute-force attack
B.    QoS marking attack
C.    DHCP starvation attack
D.    SYN flood attack

Answer: B

QUESTION 58
Which statement is true regarding Cisco ASA
operations using software versions 8.3 and later?

A.    The global access list is matched first before the
interface access lists.
B.    Both the interface and global access lists can
be applied in the input or output direction.
C.    When creating an access
list entry using the Cisco ASDM Add Access Rule window, choosing “global” as the
interface will apply the access list entry globally.
D.    NAT control is
enabled by default.
E.    The static CLI command is used to configure static
NAT translation rules.

Answer: A

QUESTION 59
Which three multicast features are supported on
the Cisco ASA? (Choose three.)

A.    PIM sparse mode?
B.    IGMP forwarding?
C.    Auto-RP
D.    NAT of multicast traffic?

Answer: ABD

QUESTION 60
Which three configuration tasks are required for
VPN clustering of AnyConnect clients that are connecting to an FQDN on the Cisco
ASA?? (Choose three.)

A.    The redirect-fqdn command must be entered under the vpn
load-balancing sub-configuration.
B.    Each ASA in the VPN cluster must be
able to resolve the IP of all DNS hostnames that are used in the
cluster?.
C.    The identification and CA certificates for the master FQDN
hostname must be imported into each VPN cluster-member device?.
D.    The
remote-access IP pools must be configured the same on each VPN cluster-member
interface.

Answer: ABC


Pass 350-018 Test With Passleader 350-018 Certification Dumps In First Attempt

http://www.passleader.com/350-018.html