New Updated Cisco CCIE Security 350-018 Real Exam Download 281-290

Ensurepass

QUESTION 281

Which two of the following statements are attributed to stateless filtering? (Choose two.)

 

A.      The first TCP packet in a flow must be a SYN packet.

B.      It must process every packet against the inbound ACL filter.

C.      It can look at sequence numbers to validate packets in flow.

D.      It must implement an idle timeout.

E.       It can be used in asymmetrical traffic flows.

 

Correct Answers: BE

 

 

QUESTION 282

Which MPLS label is the signaled value to activate PHP (penultimate hop popping)?

 

A.      0x00

B.      php

C.      swap

D.      push

E.       imp-null

 

Correct Answer: E

 

 

QUESTION 283

What action will be taken by a Cisco IOS router if a TCP packet, with the DF bit set, is larger than the egress interface MTU?

 

A.      Split the packet into two packets, so that neither packet exceeds the egress interface MTU, and forward them out.

B.      Respond to the sender with an ICMP Type 3, Code 4.

C.      Respond to the sender with an ICMP Type 12, Code 2.

D.      Transmit the packet unmodified.

 

Correct Answer: B

 

 

QUESTION 284

What will the receiving router do when it receives a packet that is too large to forward, and the DF bit is not set in the IP header?

 

A.      Drop the packet, and send the source an ICMP packet, indicating that the packet was too big to transmit.

B.      Fragment the packet into segments, with all segments having the MF bit set.

C.      Fragment the packet into segments, with all except the last segment having the MF bit set.

D.      Fragment the packet into segments, with all except the first segment having the MF bit set.

 

Correct Answer: C

 

 

QUESTION 285

Identify three IPv6 extension headers? (Choose three.)

 

A.      traffic class

B.      flow label

C.      routing

D.      fragment

E.       encapsulating security payload

 

Correct Answer: CDE

 

 

QUESTION 286

Which three statements correctly describe the purpose and operation of IPv6 RS and RA

messages? (Choose three.)

 

A.      Both IPv6 RS and RA packets are ICMPv6 messages.

B.      IPv6 RA messages can help host devices perform stateful or stateless address

autoconfiguration; RS messages are sent by hosts to determine the addresses of routers.

C.      RS and RA packets are always sent to an all-nodes multicast address.

D.      RS and RA packets are used by the duplicate address detection function of IPv6.

E.       IPv6 hosts learn connected router information from RA messages which may be sent in response to an RS message.

F.       RS and RA packets are used for IPv6 nodes to perform address resolution that is similar to ARP in IPv4.

 

Correct Answer: ABE

 

 

QUESTION 287

Which three statements are true regarding the EIGRP update message? (Choose three.)

 

A.      Updates require an acknowledgement with an ACK message.

B.      Updates can be sent to the multicast address 224.0.0.10.

C.      Updates are sent as unicasts when they are retransmitted.

D.      Updates always include all routes known by the router with partial updates sent in the Reply message.

E.       ACKs for updates are handled by TCP mechanisms.

 

Correct Answer: ABC

 

 

QUESTION 288

Which two OSPF network types support the concept of a designated router? (Choose two.)

 

A.      broadcast

B.      NBMA

C.      point-to-multipoint

D.      point-to-multipoint non-broadcast

E.       loopback

 

Correct Answer: AB

 

 

QUESTION 289

Which IPv6 routing protocol can use IPv6 ESP and AH to provide integrity, authentication, and confidentiality services to protect the routing information exchange between the adjacent routing neighbors?

 

A.      RIPng

B.      EIGRPv6

C.      BGP-4

D.      IS-IS

E.       OSPFv6

 

Correct Answer: E

 

 

QUESTION 290

Which three IPv6 tunneling methods are point-to-multipoint in nature? (Choose three.)

 

A.      automatic 6to4

B.      manually configured

C.      IPv6 over IPv4 GRE

D.      ISATAP

E.       automatic IPv4-compatible

 

Correct Answer: ADE

 

Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers

Leave a Reply