|
Cisco 350-018 Exam - ActualPaper.net Free 350-018 Sample Questions: 1. How do TCP SYN attacks take advantage of TCP to prevent new connections from being established to a host under attack?
A. These attacks send multiple FIN segments forcing TCP connection release.
B. These attacks fill up a hosts' listen queue by failing to ACK partially opened TCP connections.
C. These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D. These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E. These attacks send TCP RST segments in response to connection SYN+ACK segments forcing SYN retransmissions.
Answer: B
2. What are two key characteristics of VTP? (Choose 2)
A. VTP messages are sent out all switchswitch connections.
B. VTP L2 messages are communicated to neighbors using CDP.
C. VTP manages addition, deletion, and renaming of VLANs 1 to 4094. D. VTP pruning restricts flooded traffic, increasing available bandwidth.
E. VTP V2 can only be used in a domain consisting of V2 capable switches.
F. VTP V2 performs consistency checks on all sources of VLAN information.
Answer: D, E
3. Refer to the Exhibit. Switch SW2 has just been added to FastEthernet 0/23 on SW1. After a few seconds, interface Fa0/23 on SW1 is placed in the errordisabled state. SW2 is removed from port 0/23 and inserted into SW1 port Fa0/22 with the same result. What is the most likely cause of this problem?
A. The spanningtree portfast feature has been configured on SW1.
B. BPDU filtering has been enabled either globally or on the interfaces of SW1.
C. The BPDU guard feature has been enabled on the FastEthernet interfaces of SW1.
D. The FastEthernet interfaces of SW1 are unable to autonegotiate speed and duplex with SW2.
E. PAgP is unable to correctly negotiate VLAN trunk characteristics on the link between SW1 and SW2.
Answer: C
4. What are two important guidelines to follow when implementing VTP? (Choose 2)
A. CDP must be enabled on all switches in the VTP management domain.
B. All switches in the VTP domain must run the same version of VTP.
C. When using secure mode VTP, only configure management domain passwords on VTP servers.
D. Enabling VTP pruning on a server will enable the feature for the entire management domain. E. Use of the VTP multidomain feature should be restricted to migration and temporary implementation.
Answer: B, D
5. Refer to the Exhibit. The Cisco IOSbased switches are configured with VTP and VLANs as shown. The network administrator wants to quickly add the VLANs defined on SW1 to SW2's configuration and so he copies the vlan.dat file from the flash on SW1 to the flash of SW2. After the file is copied to SW2, it is rebooted. What is the VLAN status of SW2 after the reboot?
A. The VLAN information on SW2 will remain the same since it has been configured for transparent VTP mode.
B. SW2 will clear the vlan.dat file and load its VLAN information from the configuration file stored in NVRAM.
C. A VTP mode mismatch will occur causing the VLANS in the startup config to be ignored and all VLANs above 1005 to be erased.
D. The VLANs in the vlan.dat file will be copied to the running config and merged with the extended VLANs defined in the startup config.
E. All VLANs will be erased and all ports will be moved into the default VLAN 1.
Answer: C
6. Refer to the Exhibit. Under normal conditions, SW1 is spanning tree root and the link between SW2 and SW3 is in the blocking state. This network transports large amounts of traffic and is heavily loaded. After a software upgrade to these switches, users are complaining about slow performance. To
troubleshoot, the commands shown in the exhibit are entered. What two are the most likely causes of this issue?
A. Lack of BPDUs from high priority bridge SW1 causes SW3 to unblock Fa1/1.
B. Duplex mismatch on the link between SW1 and SW3 causing high rate of collisions.
C. The Max Age timers on SW1 and SW2 have been changed and no longer match the MAX Age timer on SW3.
D. UDLD has not been configured between SW1 and SW3 so SW3 errantly sees its link to SW1 as up and operational.
E. The bridge priority of SW1 was changed to be greater than 32768 allowing SW2 to become the new root of the spanning tree.
Answer: A, B
7. Which algorithms did TKIP add to the 802.11 specification? (Choose 3)
A. key mixing
B. AESbased encryption
C. antireplay sequence counter
D. message integrity check
E. cyclic redundancy check
Answer: A, C, D
8. According to RFC 3180, what is the correct GLOP address for AS 456?
A. 224.0.4.86
B. 224.4.86.0
C. 233.1.200.0
D. 239.2.213.0
E. 239.4.5.6
Answer: C
9. A network administrator is using a LAN analyzer to troubleshoot OSPF router exchange messages sent to ALL OSPF ROUTERS. To what MAC address are these messages sent?
A. 00001CEF0000
B. 01005E000005
C. 01005EEF0000
D. EFFFFF000005
E. EF0000FFFFFF
F. FFFFFFFFFFFF
Answer: B
10. Which two IP multicast addresses belong to the group represented by the MAC address of 0x01005E156A2C?
A. 224.21.106.44
B. 224.25.106.44
C. 233.149.106.44
D. 236.25.106.44
E. 239.153.106.44
Answer: A, C
11. How is the Cisco sensor software version 5.0 different from the version 4.0 release?
A. The monitoring system pulls events from the sensor
B. The sensor supports intrusion prevention functinality
C. The sensor pushes events to the monitoring system
D. The sensor uses RDEP E. The sensor software calculates a Risk Rating for alerts to reduce false positives
Answer: B, E
12. What is SDEE?
A. A Cisco proprietary protocol to transfer IDS events across the network
B. A protocol used by multiple vendors to transmit IDS events across the network
C. A queuing mechanism to store alerts
D. A mechanism to securely encode intrusion events in an event store E. A multipurpose encryption engine to symmetrically encrpt data across the network
Answer: B
13. Whenever a failover takes place on the ASA (configured for failover), all active connections are dropped and clients must reestablish their connections unless: (Choose 2)
A. The ASA is configured for ActiveStandby failover. B. The ASA is configured for ActiveActive failover.
C. The ASA is configured for ActiveActive failover and a state failover link has been configured.
D. The ASA is configured for ActiveStandby failover and a state failover link has been configured.
E. The ASA is configured to use a serial cable as the failover link. F. The ASA is configured for LANBased failover
Answer: C, D
14. What is true about a PreBlock ACL configured when setting up your sensor to perform IP Blocking?
A. The PreBlock ACL is overwritten when a blocking action is initiatied by the sensor
B. The blocking ACL entries generated by the sensor override the PreBlock ACL entries
C. The PreBlock ACL entries override the blocking ACL entries generated by the sensor
D. The PreBlock ACL is replaced by the PostBlock ACL when a blocking action is initiated by the sensor
E. You can not configure a PreBlock ACL when configuring IP Blocking on your sensor
Answer: C
15. Which of the following is true about the Cisco IOSIPS functionality? (Choose 2)
A. The signatures available are built into the IOS code.
B. To update signatures you need to install a new IOS image
C. To activate new signatures you download a new Signature Defiition File (SDF) from Cisco's web site
D. Loading and enabling selected IPS signatures is user configurable
E. Cisco IOS only provides Intrusion Detection functionality
F. Cisco IOSIPS requires a network module installed in your router running sensor software
Answer: C, D
16. What is the main reason for using the "ip ips denyaction ipsinterface" IOS command?
A. To selectively apply drop actions to specific interfaces
B. To enable IOS to drop traffic for signatures configured with the Drop action
C. To support loadbalancing configurations in which traffic can arrive via multiple interfaces
D. This is not a valid IOS command
Answer: C
17. By default, to perform IPS deny actions, where is the ACL applied when using IOSIPS?
A. To the ingress interface of the offending packet
B. To the ingress interface on which IOSIPS is configured
C. To the egress interface on which IOSIPS is configured
D. To the egress interface of the offending packet
E. To the ingress interface of the offending packet and the ingress interface on which IOSIPS is configured
Answer: A
18. What two things must you do on the router before generating an SSH key with the "crypto key generate rsa" IOS command?
A. Configure the SSH version that the router will use
B. Configure the host name of the router
C. Enable AAA Authentication
D. Configure the default IP domain name that the router will use
E. Enable SSH transport support on the vty lines
Answer: B, D
19. When applying MD5 route authentication on routers running RIP or EIGRP, what two important key chain considerations should be accounted for?
A. The lifetimes of the keys in the chain should overlap.
B. No more than three keys should be configured in any single chain.
C. Routers should be configured for NTP to synchronize their clocks.
D. Key 0 of all key chains must match for all routers in the autonomous system.
E. Link compression techniques should be disabled on links transporting any MD5 "hash".
Answer: A, C
20. Whenever a failover takes place on the ASA running in failover mode, all active connections are dropped and clients must reestablish their connections unless
A. the ASA is configured for ActiveStandby failover.
B. the ASA is configured for ActiveActive failover.
C. the ASA is configured for ActiveActive failover and a state failover link has been configured.
D. the ASA is configured for ActiveStandby failover and a state failover link has been configured.
E. the ASA is configured to use a serial cable as the failover link. F. the ASA is configured for LANBased failover.
Answer: C, D |
