[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 481-490

Ensurepass

QUESTION 481

Which two items are required for LDAP authenticated bind operations? (Choose two.)

 

A.

Root DN

B.

Password

C.

Username

D.

SSO

E.

UID

 

Correct Answer: AB

 

 

QUESTION 482

Which of the following two options can you configure to avoid iBGP full mesh? (Choose two.)

 

A.

Route reflectors

B.

Confederations

C.

BGP NHT

D.

Local preference

E.

Virtual peering

 

Correct Answer: AB

 

 

QUESTION 483

Which three authentication types does OSPF support? (Choose three.)

 

A.

Null

B.

Plaintext

C.

MD5

D.

PAP

E.

PEAP

F.

MS-CHAP

 

Correct Answer: ABC

 

 

QUESTION 484

Which three steps are required to rekey the routers on a link without dropping OSPFv3 protocol packets or disturbing the adjacency? (Choose three.)

 

A.

For every router on the link, create an additional inbound SA for the interface that is being rekeyed using a new SPI and the new key.

B.

For every router on the link, replace the original outbound SA with one that uses the new SPI and key values.

C.

For every router on the link, remove the original inbound SA.

D.

For every router on the link, create an additional outbound SA for the interface that is being rekeyed using a new SPI and the new key.

E.

For every router on the link, replace the original inbound SA with one that uses the new SPI and key values.

F.

For every router on the link, remove the original outbound SA.

 

Correct Answer: ABC

 

 

QUESTION 485

Which BGP configuration forces the session to tear down when the learned routes from the neighbor exceed 10?

 

A.

neighbor 10.0.0.1 maximum-prefix 10 80 warning-only

B.

neighbor 10.0.0.1 maximum-prefix 10 80

C.

neighbor 10.0.0.1 maximum-prefix 80 10 warning-only

D.

neighbor 10.0.0.1 maximum-prefix 80 10

 

Correct Answer: B

 

 

QUESTION 486

Which command can be used on a Cisco IOS device to prevent it from being used as an amplifier in a fraggle attack?

 

A.

no service tcp-small-servers

B.

no service udp-small-servers

C.

no ip directed-broadcast

D.

no ip redirects

 

Correct Answer: B

 

 

QUESTION 487

Which option is used for anti-replay prevention in a Cisco IOS IPsec implementation using tunnel protection?

 

A.

Session token

B.

One-time password

C.

Time stamps

D.

Sequence number

E.

Nonce

 

Correct Answer: D

 

 

QUESTION 488

Based on the above configuration, if the input packet size is 1300 bytes, what is the size of the packet leaves the tunnel after encapsulation?

 

Interface tunnel 1

ip address 10.1.1.1 255.255.255.252

ip mtu 1400

Tunnel source 172.16.1.1

Tunnel destination 172.16.1.2

Tunnel key 1111

 

A.

1324

B.

1325

C.

1326

D.

1328

 

Correct Answer: D

 

 

 

 

QUESTION 489

Refer to the exhibit. Based on the show command output, which statement is true?

 

clip_image001

 

A.

A NAT/PAT device is translating the local VPN endpoint.

B.

A NAT/PAT device is translating the remote VPN endpoint.

C.

A NAT/PAT device exists in the path between VPN endpoints.

D.

No NAT/PAT device exists in the path between VPN endpoints.

 

Correct Answer: C

 

 

QUESTION 490

You run the show ipv6 port-map telnet command and you see that the port 23 (system-defined) message and the port 223 (user-defined) message are displayed. Which command is in the router configuration?

 

A.

ipv6 port-map port telnet 223

B.

ipv6 port-map port 23 port 23223

C.

ipv6 port-map telnet port 23 233

D.

ipv6 port-map telnet port 223

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …