[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 311-320

Ensurepass

QUESTION 311

Refer to the exhibit. According to this DHCP packet header, which field is populated by a DHCP relay agent with its own IP address before the DHCPDISCOVER message is forwarded to the DHCP server?

 

clip_image002

 

A.

ciaddr

B.

yiaddr

C.

siaddr

D.

giaddr

 

Correct Answer: D

 

 

 

 

 

 

 

 

QUESTION 312

Which statements apply to the above configuration? (Choose two.)

 

crypto isakmp profile vpn1

vrf vpn1

keyring vpn1

match identity address 172.16.1.1 255.255.255.255

crypto map crypmap 1 ipsec-isakmp

set peer 172.16.1.1

set transform-set vpn1

set isakmp-profile vpn1

match address 101

!

interface Ethernet1/2

crypto map crypmap

 

A.

This configuration shows the VRF-Aware IPsec feature that is used to map the crypto ISAKMP profile to a specific VRF.

B.

VRF and ISAKMP profiles are mutually exclusive, so the configuration is invalid.

C.

An IPsec tunnel can be mapped to a VRF instance.

D.

Peer command under the crypto map is redundant and not required.

 

Correct Answer: AC

 

 

QUESTION 313

MACsec, which is defined in 802.1AE, provides MAC-layer encryption over wired networks. Which two statements about MACsec are true? (Choose two.)

 

A.

Only links between network access devices and endpoint devices can be secured by using MACsec.

B.

MACsec is designed to support communications between network devices only.

C.

MACsec manages the encryption keys that the MKA protocol uses.

D.

A switch that uses MACsec accepts either MACsec or non-MACsec frames, depending on the policy that is associated with the client.

 

Correct Answer: AD

 

 

QUESTION 314

With ASM, sources can launch attacks by sending traffic to any groups that are supported by an active RP. Such traffic might not reach a receiver but will reach at least the first-hop router in the path, as well as the RP, allowing limited attacks. However, if the attacking source knows a group to which a target receiver is listening and there are no appropriate filters in place, then the attacking source can send traffic to that group. This traffic is received as long as the attacking source is listening to the group. Based on the above description, which type of security threat is involved?

 

A.

DoS

B.

man-in-the-middle

C.

compromised key

D.

data modification

 

Correct Answer: A

QUESTION 315

Which two statements about VTP passwords are true? (Choose two)

 

A.

The VTP password can only be configured when the switch is in Server mode.

B.

The VTP password is sent in the summary advertisements..

C.

The VTP password is encrypted for confidentiality using 3DES.

D.

VTP is not required to be configured on all switches in the domain.

E.

The VTP password is hashed to preserve authenticity using the MD5 algorithm.

F.

The VTP password can only be configured when the switch is in Client mode.

 

Correct Answer: BE

 

 

QUESTION 316

Which option represents IPv6 address ff02::1?

 

A.

PIM routers.

B.

RIP routers.

C.

all nodes on the local network.

D.

NTP.

 

Correct Answer: C

 

 

QUESTION 317

Which two statements about IPv6 are true? (Choose two.)

 

A.

Broadcast is available.

B.

Routing tables are less complicated.

C.

The address pool will eventually deplete.

D.

Data encryption is built into the packet frame.

E.

Increased NAT is required.

F.

Fewer bits makes IPv6 easier to configure.

 

Correct Answer: BD

 

 

QUESTION 318

Which statement describes an IPv6 benefit?

 

A.

Broadcast is not available.

B.

Routing tables are more complicated.

C.

The address pool is limited.

D.

Data encryption is not built into the packet frame.

E.

Increased NAT is required.

 

Correct Answer: A

 

 

 

 

 

 

QUESTION 319

Which option is representative of automatic IP addressing in IPv4?

 

A.

10.1.x.x

B.

172.10.1.x

C.

169.254.x.x

D.

196.245.x.x

E.

128.1.1.x

F.

127.1.x.x

 

Correct Answer: C

 

 

QUESTION 320

Refer to the exhibit. Which option describes the behavior of this configuration?

 

clip_image004

 

A.

Traffic from the 30.30.0.0/16 network to the 10.10.0.0/32 network will be translated.

B.

Traffic from the 30.30.0.0/32 network to the 10.10.0.0/16 network will not be translated.

C.

Traffic from the 10.10.0.0/16 netw
ork to the 30.30.30.0/24 network will not be translated.

D.

Traffic from the 10.10.0.0/32 network to the 30.30.30.0/16 network will be translated.

 

Correct Answer: C

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …