[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 291-300

Ensurepass

QUESTION 291

Which NTP stratum level means that the clock is unsynchronized?

 

A.

0

B.

1

C.

8

D.

16

 

Correct Answer: D

 

 

QUESTION 292

Which statement is true about an NTP server?

 

A.

It answers using UTC time.

B.

It uses the local time of the server with its time zone indication.

C.

It uses the local time of the server and does not indicate its time zone.

D.

It answers using the time zone of the client.

 

Correct Answer: A

 

 

QUESTION 293

Refer to the exhibit. What is this configuration designed to prevent?

 

clip_image002

 

A.

Man in the Middle Attacks

B.

DNS Inspection

C.

Backdoor control channels for infected hosts

D.

Dynamic payload inspection

Correct Answer: C

 

 

QUESTION 294

Which statement is true about an SNMPv2 communication?

 

A.

The whole communication is not encrypted.

B.

Only the community field is encrypted.

C.

Only the query packets are encrypted.

D.

The whole communication is encrypted.

 

Correct Answer: A

 

 

QUESTION 295

Refer to the exhibit. What does this configuration prevent?

 

clip_image003

 

A.

HTTP downloads of files with the “.bat” extension on all interfaces

B.

HTTP downloads of files with the “.batch” extension on the inside interface

C.

FTP commands of GET or PUT for files with the “.bat” extension on all interfaces

D.

FTP commands of GET or PUT for files with the “.batch” extension on the inside interface

 

Correct Answer: C

 

 

QUESTION 296

Which four functionalities are built into the ISE? (Choose four.)

 

A.

Profiling Server

B.

Profiling Collector

C.

RADIUS AAA for Device Administration

D.

RADIUS AAA for Network Access

E.

TACACS+ for Device Administration

F.

TACACS+ for Network Access

G.

Guest Lifecycle Management

 

Correct Answer: < /font>ABDG

 

 

QUESTION 297

Which statement is correct about the Cisco IOS Control Plane Protection feature?

 

A.

Control Plane Protection is restricted to the IPv4 or IPv6 input path.

B.

Traffic that is destined to the router with IP options will be redirected to the host control plane.

C.

Disabling CEF will remove all active control-plane protection policies. Aggregate control-plane policies will continue to operate.

D.

The open-port option of a port-filtering policy allows access to all TCP/UDP based services that are configured on the router.

 

Correct Answer: C

 

 

QUESTION 298

Which Category to Protocol mapping for NBAR is correct?

 

A.

Category: Enterprise Applications

Protocol: Citrix ICA, PCAnywhere, SAP, IMAP

B.

Category: Internet

Protocol: FTP, HTTP, TFTP

C.

Category: Network Management

Protocol: ICMP, SNMP, SSH, Telnet

D.

Category: Network Mail Services

Protocol: MAPI, POP3, SMTP

 

Correct Answer: B

 

 

QUESTION 299

Which two options correctly describe Remote Triggered Black Hole Filtering (RFC 5635)? (Choose two.)

 

A.

RTBH destination based filtering can drop traffic destined to a host based on triggered entries in the FIB.

B.

RTBH source based filtering will drop traffic from a source destined to a host based on triggered entries in the RIB.

C.

Loose uRPF must be used in conjunction with RTBH destination based filtering.

D.

Strict uRPF must be used in conjunction with RTBH source based filtering.

E.

RTBH uses a discard route on the edge devices of the network and a route server to send triggered route updates.

F.

When setting the BGP community attribute in a route-map for RTBH use the no-export community unless BGP confederations are used then use local-as to advertise to sub-as confederations.

 

Correct Answer: AE

 

 

 

 

QUESTION 300

A Cisco IOS router is configured as follows:

 

ip dns spoofing 192.168.20.1

 

What will the router respond with when it receives a DNS query for its own host name?

 

A.

The router will respond with the IP address of the incoming interface.

B.

The router will respond with 192.168.20.1 only if the outside interface is down.

C.

The router will respond with 192.168.20.1.

D.

The router will ignore the DNS query and forward it directly to the DNS server.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …