[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 491-500

Ensurepass

QUESTION 491

At the end of the Cisco TrustSec authentication process, which three pieces of information do both authenticator and supplicant know? (Choose three.)

 

A.

Peer device ID

B.

Peer Cisco TrustSec capability information

C.

SAP key

D.

Server device ID

E.

Service ID

F.

Server peers information

 

Correct Answer: ABC

 

 

QUESTION 492

You are preparing Control Plane Protection configurations for implementation on the router, which has the EBGP peering address 1.1.1.2. Which ACL statement can you use to classify the related traffic into the EBGP traffic compartment?

 

A.

permit tcp host 1.1.1.1 gt 1024 host 1.1.1.2 eq bgp

permit tcp host 1.1.1.1 eq bgp host 1.1.1.2 gt 1024

B.

permit tcp host 1.1.1.2 gt 1024 host 1.1.1.2 eq bgp

permit tcp host 1.1.1.2 eq bgp host 1.1.1.2 gt 1024

C.

permit tcp host 10.1.1.1 gt 1024 host 10.1.1.2 eq bgp

permit tcp host 10.1.1.1 eq bgp host 10.1.1.2 gt 1024

D.

permit tcp host 1.1.1.1 gt 1024 host 1.1.1.1 eq bgp

permit tcp host 1.1.1.1 eq bgp host 1.1.1.1 gt 1024

 

Correct Answer: A

 

 

QUESTION 493

Which command enables fast-switched PBR?

 

A.

Router(config-if)# ip route-cache policy

B.

Router(config-if)# ip policy route-map map-tag

C.

Router(config-if)# no ip route-cache policy

D.

Router(config-if)# no ip policy route-map map-tag

 

Correct Answer: A

 

 

QUESTION 494

Which of these configurations shows how to configure MPP when only SSH, SNMP, and HTTP are allowed to access the router through the Gigabit Ethernet 0/3 interface and only HTTP is allowed to access the router through the Gigabit Ethernet 0/2 interface?

 

A.

Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh snmp

Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http

B.

Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh tftp snmp

Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http

C.

Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh snmp

Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http ssh

D.

Router(config-cp-host)# management-interface GigabitEthernet 0/3 http ssh snmp

Router(config-cp-host)# management-interface GigabitEthernet 0/2 http

 

Correct Answer: A

 

 

QUESTION 495

Which three actions are advisable when implementing desktop security? (Choose three.)

 

A.

Installing and maintaining anti-virus/anti-malware software

B.

Educating users on the danger of opening files and attachments from un-trusted sources

C.

Statically defining user password based on information like employee ID number to reduce incidence of forgotten passwords

D.

Configuring multiple local network DHCP servers

E.

Staying up to date with operating system patches and updates

F.

Configuring client firewalls to automatically disable during business hours as not to impact production traffic and applications

 

Correct Answer: ABE

 

 

QUESTION 496

Why do you use a disk-image backup to perform forensic investigations?

 

A.

The backup timestamps the files with the date and time during copy operations.

B.

The backup creates a bit-level copy of the entire disk.

C.

The backup includes areas that are used for the data store.

D.

This is a secure way to perform a file copy.

 

Correct Answer: B

 

 

QUESTION 497

Which series of steps illustrates the correct flow for incident management?

 

A.

Identify, log, categorize, prioritize, initial diagnosis, escalate, investigate and diagnose, resolve and recover, close

B.

Categorize, log, identify, prioritize, initial diagnosis, escalate, investigate and diagnose, resolve and recover, close

C.

Identify, log, categorize, prioritize, initial diagnosis, investigate and diagnose, escalate, resolve and recover, close

D.

Identify, categorize, prioritize, log, initial diagnosis, escalate, investigate and diagnose, resolve and recover, close

 

Correct Answer: A

 

 

QUESTION 498

If an administrator is unable to connect to a Cisco ASA adaptive security appliance via Cisco ASDM, all of these would be useful for the administrator to check except which one?

 

A.

The HTTP server is enabled.

B.

The administrator IP is permitted in the interface ACL.

C.

The administrator IP is permitted in the HTTP statement.

D.

The ASDM file resides on flash memory.

E.

The asdm image command exists in the configuration.

 

Correct Answer: B

 

 

QUESTION 499

A Cisco ASA adaptive security appliance configured in multiple context mode supports which three of these features? (Choose three.)

 

A.

VPN

B.

NAT

C.

IPv6 traffic filtering

D.

multicast

E.

failover

 

Correct Answer: BCE

 

 

QUESTION 500

Low and slow reconnaissance scans used to gain information about a system to see if it is vulnerable to an attack can be stopped with which of the following Cisco products?

 

A.

ASA syn protection

B.

ASA ICMP application inspection

C.

CSA quarantine lists

D.

IPS syn attack signatures

E.

Cisco Guard

 

Correct Answer: C

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …