[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 201-210

Ensurepass

QUESTION 201

In an 802.11 wireless network, what would an attacker have to spoof to initiate a deauthentication attack against connected clients?

 

A.

the BSSID of the AP where the clients are currently connected

B.

the SSID of the wireless network

C.

the MAC address of the target client machine

D.

the broadcast address of the wireless network

 

Correct Answer: A

 

 

 

QUESTION 202

What is the commonly known name for the process of generating and gathering initialization vectors, either passively or actively, for the purpose of determining the security key of a wireless network?

 

A.

WEP cracking

B.

session hijacking

C.

man-in-the-middle attacks

D.

disassociation flood frames

 

Correct Answer: A

 

 

QUESTION 203

According to RFC 4890, which four ICMPv6 types are recommended to be allowed to transit a firewall? (Choose four.)

< span lang="EN-US" style="font-family: ; mso-font-kerning: 0pt; mso-no-proof: yes"> 

A.

Type 1 – destination unreachable

B.

Type 2 – packet too big

C.

Type 3 – time exceeded

D.

Type 0 – echo reply

E.

Type 8 – echo request

F.

Type 4 – parameter problem

 

Correct Answer: ABCF

 

 

QUESTION 204

Which action is performed first on the Cisco ASA appliance when it receives an incoming packet on its outside interface?

 

A.

check if the packet is permitted or denied by the inbound ACL applied to the outside interface

B.

check if the packet is permitted or denied by the global ACL

C.

check if the packet matches an existing connection in the connection table

D.

check if the packet matches an inspection policy

E.

check if the packet matches a NAT rule

F.

check if the packet needs to be passed to the Cisco ASA AIP-SSM for inspections

 

Correct Answer: C

 

 

QUESTION 205

If an incoming packet from the outside interface does not match an existing connection in the connection table, which action will the Cisco ASA appliance perform next?

 

A.

drop the packet

B.

check the outside interface inbound ACL to determine if the packet is permitted or denied

C.

perform NAT operations on the packet if required

D.

check the MPF policy to determine if the packet should be passed to the SSM

E.

perform stateful packet inspection based on the MPF policy

 

Correct Answer: B

 

QUESTION 206

Refer to the exhibit. Which three statements about the Cisco ASDM screen seen in the exhibit are true? (Choose three.)

 

clip_image001

 

A.

This access rule is applied to all the ASA interfaces in the inbound direction.

B.

The ASA administrator needs to expand the More Options tag to configure the inbound or outbound direction of the access rule.

C.

The ASA administrator needs to expand the More Options tag to apply the access rule to an interface.

D.

The resulting ASA CLI command from this ASDM configuration is access-list global_access line 1 extended permit ip host 1.1.1.1 host 2.2.2.1.

E.

This access rule is valid only on the ASA appliance that is running software release 8.3 or later.

F.

This is an outbound access rule.

 

Correct Answer: ADE

 

 

QUESTION 207

When you are configuring QoS on the Cisco ASA appliance, which four are valid traffic selection criteria? (Choose four.)

 

A.

VPN group

B.

tunnel group

C.

IP precedence

D.

DSCP

E.

default-inspection-traffic

F.

qos-group

 

Correct Answer: BCDE

 

 

 

 

QUESTION 208

Which command is required in order for the Botnet Traffic Filter on the Cisco ASA appliance to function properly?

 

A.

dynamic-filter inspect tcp/80

B.

dynamic-filter whitelist

C.

inspect botnet

D.

inspect dns dynamic-filter-snoop

 

Correct Answer: D

 

 

QUESTION 209

Refer to the exhibit. Choose the correct description of the implementation that produced this output on the Cisco ASA appliance.

 

clip_image002

 

A.

stateful failover using active-active for multi-context

B.

stateful failover using active-standby for multi-context

C.

stateful failover using active-standby for single-context

D.

stateless failover using interface-level failover for multi-context

 

Correct Answer: A

 

 

QUESTION 210

You have been asked to configure a Cisco ASA appliance in multiple mode with these settings:

 

A) You need two customer contexts, named contextA and contextB.

B) Allocate interfaces G0/0 and G0/1 to contextA.

C) Allocate interfaces G0/0 and G0/2 to contextB.

D) The physical interface name for G0/1 within contextA should be “inside”.

E) All other context interfaces must be viewable via their physical interface names.

 

If the admin context is alread

 

A.

context contextA

config-url disk0:/contextA.cfg

allocate-interface GigabitEthernet0/0 visible

allocate-interface GigabitEthernet0/1 inside

context contextB

config-url disk0:/contextB.cfg

allocate-interface GigabitEthernet0/0 visible

allocate-interface GigabitEthernet0/2 visible

B.

context contexta

config-url disk0:/contextA.cfg

allocate-interface GigabitEthernet0/0 visible

allocate-interface GigabitEthernet0/1 inside

context contextb

config-url disk0:/contextB.cfg

allocate-interface GigabitEthernet0/0 visible

allocate-interface GigabitEthernet0/2 visible

C.

context contextA

config-url disk0:/contextA.cfg

allocate-interface GigabitEthernet0/0 invisible

allocate-interface GigabitEthernet0/1 inside

context contextB

config-url disk0:/contextB.cfg

allocate-interface GigabitEthernet0/0 invisible

allocate-interface GigabitEthernet0/2 invisible

D.

context contextA

config-url disk0:/contextA.cfg

allocate-interface GigabitEthernet0/0

allocate-interface GigabitEthernet0/1 inside

context contextB

config-url disk0:/contextB.cfg

allocate-interface GigabitEthernet0/0

allocate-interface GigabitEthernet0/2

E.

context contextA

config-url disk0:/contextA.cfg

allocate-interface GigabitEthernet0/0 visible

allocate-interface GigabitEthernet0/1 inside

context contextB

config-url disk0:/contextB.cfg

allocate-interface GigabitEthernet0/1 visible

allocate-interface GigabitEthernet0/2 visible

 

Correct Answer: A

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …