[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 351-360

Ensurepass

QUESTION 351

Which pair of ICMP messages is used in an inverse mapping attack?

 

A.

Echo-Echo Request

B.

Route Solicitation- Time Exceeded

C.

Echo-Time Exceeded

D.

Echo Reply-Host Unreachable

E.

Echo-Host Unreachable

 

Correct Answer: D

 

 

QUESTION 352

Which statement about a botnet attack is true?

 

A.

The botnet attack is an attack on a firewall to disable it’s filtering ability.

B.

The botnet attack is a network sweeping attack to find hosts that are alive alive behind the filtering device.

C.

The botnet attack is a collection of infected computers that launch automated attacks.

D.

The owner of the infected computer willingly participates in automated attacks.

E.

The botnet attack enhances the efficiency of the computer for effective automated attacks.

 

Correct Answer: C

 

 

QUESTION 353

Which two statements about IPS signatures are true? (Choose two.)

 

A.

All of the built-in signatures are enabled by default.

B.

Tuned signatures are built-in signatures whose parameters are adjusted.

C.

Once the signature is removed from the sensing engine it cannot be restored

D.

It is recommended not to retire a signature that is not being used because then it cannot be restored.

E.

It is possible to define custom signatures.

 

Correct Answer: BE

 

 

QUESTION 354

Which two statement about Infrastructure ACLs on Cisco IOS software are true? (Choose two.)

 

A.

Infrastructure ACLs are used to block-permit the traffic in the router forwarding path.

B.

Infrastructure ACLs are used to block-permit the traffic handled by the route processor.

C.

Infrastructure ACLs are used to block-permit the transit traffic.

D.

Infrastructure ACLs only protect device physical management interface.

&nbsp
;

Correct Answer: BD

 

 

QUESTION 355

Which statement about the SYN flood attack is true?

 

A.

The SYN flood attack is always directed from valid address.

B.

The SYN flood attack target is to deplete server memory so that legitimate request cannot be served.

C.

The SYN flood attack is meant to completely deplete the TCB SYN-Received state backlog.

D.

The SYN flood attack can be launched for both UDP and TCP open ports on the server.

E.

SYN-Received state backlog for TCBs is meant to protect server CPU cycles.

 

Correct Answer: C

 

 

QUESTION 356

The HTTP inspection engine has the ability to inspect traffic based on which three parameters? (Choose three.)

 

A.

Transfer Encoding

B.

Request Method

C.

Header

D.

Application Type

E.

Header Size

F.

Source Address

 

Correct Answer: ABD

 

 

QUESTION 357

For which two reasons BVI is required in the Transparent Cisco IOS Firewall? (Choose two)

 

A.

BVI is required for the inspection of IP traffic.

B.

The firewall can perform routing on bridged interfaces.

C.

BVI is required if routing is disabled on the firewall.

< /td>

D.

BVI is required if more than two interfaces are in a bridge group.

E.

BVI is required for the inspection of non-IP traffic.

F.

BVI can manage the device without having an interface that is configured for routing.

 

Correct Answer: DF

 

 

QUESTION 358

Event Store is a component of which IPS application?

 

A.

SensorApp

B.

InterfaceApp

C.

MainApp

D.

NotificationApp

E.

AuthenticationApp

 

Correct Answer: C

 

 

QUESTION 359

Which statement about the Cisco Secure ACS Solution Engine TACACS+ AV pair is true?

 

A.

AV pairs are only required to be enabled on Cisco Secure ACS for successful implementation.

B.

The Cisco Secure ACS Solution Engine does not support accounting AV pairs.

C.

AV pairs are only string values.

D.

AV pairs are of two types: string and integer.

 

Correct Answer: C

 

 

QUESTION 360

Refer to the exhibit. Which option describes the behavior of this configuration?

 

clip_image002

 

A.

Devices that perform IEEE 802.1X should be in the MAC address database for successful authentication.

B.

IEEE 802.1x devices must fail MAB to perform IEEE 802.1X authentication.

C.

If 802.1X fails, the device will be assigned to the default guest VLAN.

D.

The device will perform subsequent IEEE 802.1X authentication if it passed MAB authentication.

E.

If the device fails IEEE 802.1X, it will start MAB again.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …