[Free] Download New Updated (April 2016) Cisco 350-018 Actual Tests 41-50

Ensurepass

QUESTION 41

An attacker configures an access point to broadcast the same SSID that is used at a public hot-spot, and launches a deauthentication attack against the clients that are connected to the hot-spot, with the hope that the clients will then associate to the AP of the attacker. In addition to the deauthentication attack, what attack has been launched?

 

A.

man-in-the-middle

B.

MAC spoofing

C.

Layer 1 DoS

D.

disassociation attack

 

Correct Answer: A

 

 

QUESTION 42

Refer to the exhibit. When configuring a Cisco IPS custom signature, what type of signature engine must you use to block podcast clients from accessing the network?

 

clip_image002

 

A.

service HTTP

B.

service TCP

C.

string TCP

D.

fixed TCP

E.

service GENERIC

 

Correct Answer: A

 

 

QUESTION 43

Refer to the exhibit. Which message of the ISAKMP exchange is failing?

 

clip_image004

 

A.

main mode 1

B.

main mode 3

C.

aggressive mode 1

D.

main mode 5

E.

aggressive mode 2

 

Correct Answer: B

 

 

 

QUESTION 44

Which statement best describes the concepts of rootkits and privilege escalation?

 

A.

Rootkits propagate themselves.

B.

Privilege escalation is the result of a rootkit.

C.

Rootkits are a result of a privilege escalation.

D.

Both of these require a TCP port to gain access.

 

Correct Answer: B

 

 

QUESTION 45

Which multicast capability is not supported by the Cisco ASA appliance?

 

A.

ASA configured as a rendezvous point

B.

Sending multicast traffic across a VPN tunnel

C.

NAT of multicast traffic

D.

IGMP forwarding (stub) mode

 

Correct Answer: B

 

 

QUESTION 46

Which method of output queuing is supported on the Cisco ASA appliance?

 

A.

CBWFQ

B.

priority queuing

C.

MDRR

D.

WFQ

E.

custom queuing

 

Correct Answer: B

 

 

QUESTION 47

Which four values can be used by the Cisco IPS appliance in the risk rating calculation? (Choose four.)

 

A.

attack severity rating

B.

target value rating

C.

signature fidelity rating

D.

promiscuous delta

E.

threat rating

F.

alert rating

 

Correct Answer: ABCD

 

 

 

 

 

 

 

QUESTION 48

Refer to the exhibit. What type of attack is being mitigated on the Cisco ASA appliance?

 

clip_image006

 

A.

HTTPS certificate man-in-the-middle attack

B.

HTTP distributed denial of service attack

C.

HTTP Shockwave Flash exploit

D.

HTTP SQL injection attack

 

Correct Answer: D

 

 

QUESTION 49

Which three authentication methods does the Cisco IBNS Flexible Authentication feature support? (Choose three.)

 

A.

cut-through proxy

B.

dot1x

C.

MAB

D.

SSO

E.

web authentication

 

Correct Answer: BCE

 

 

QUESTION 50

Troubleshooting the web authentication fallback feature on a Cisco Catalyst switch shows that clients with the 802.1X supplicant are able to authenticate, but clients without the supplicant are not able to use web authentication. Which configuration option will correct this issue?

 

A.

switch(config)# aaa accounting auth-proxy default start-stop group radius

B.

switch(config-if)# authentication host-mode multi-auth

C.

switch(config-if)# webauth

D.

switch(config)# ip http server

E.

switch(config-if)# authentication priority webauth dot1x

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …