New Updated Cisco CCIE Security 350-018 Real Exam Download 321-330

Ensurepass

QUESTION 321

What does the SXP protocol exchange between peers?

 

A.      IP to SGT binding information

B.      MAC to SGT binding information

C.      ingress port to SGT binding information

D.      ingress switch to SGT binding information

 

Correct Answer: A

 

 

QUESTION 322

What is a primary function of the SXP protocol?

 

A.      to extend a TrustSec domain on switches that do not support packet tagging with SGTs

B.      to map the SGT tag to VLAN information

C.      to allow the SGT tagged packets to be transmitted on trunks

D.      to exchange the SGT information between different TrustSec domains

 

Correct Answer: A

 

 

QUESTION 323

In RFC 4034, DNSSEC introduced which four new resource record types? (Choose four.)

 

A.      DNS Public Key (DNSKEY)

B.      Next Secure (NSEC)

C.      Resource Record Signature (RRSIG)

D.      Delegation Signer (DS)

E.       Top Level Domain (TLD)

F.       Zone Signing Key (ZSK)

 

Correct Answer: ABCD

 

 

QUESTION 324

What functionality is provided by DNSSEC?

 

A.      origin authentication of DNS data

B.      data confidentiality of DNS queries and answers

C.      access restriction of DNS zone transfers

D.      storage of the certificate records in a DNS zone file

 

Correct Answer: A

 

 

QUESTION 325

How are the username and password transmitted if a basic HTTP authentication is used?

 

A.      Base64 encoded username and password

B.      MD5 hash of the combined username and password

C.      username in cleartext and MD5 hash of the password

D.      cleartext username and password

 

Correct Answer: A

 

 

QUESTION 326

Which field in an HTTPS server certificate is compared to a server name in the URL?

 

A.      Common Name

B.      Issuer Name

C.      Organization

D.      Organizational Unit

 

Correct Answer: A

 

 

QUESTION 327

Which transport type is used by the DHCP protocol?

 

A.      UDP ports 67 and 69

B.      TCP ports 67 and 68

C.      UDP and TCP port 67

D.      UDP ports 67 and 68

 

Correct Answer: A

 

 

QUESTION 328

Which domain is used for a reverse lookup of IPv4 addresses?

 

A.      in-addr.arpa

B.      ip4.arpa

C.      in-addr.net

D.      ip4.net

 

Correct Answer: A

 

QUESTION 329

Which port or ports are used for the FTP data channel in passive mode?

 

A.      random TCP ports

B.      TCP port 21 on the server side

C.      TCP port 21 on the client side

D.      TCP port 20 on the server side

E.       TCP port 20 on the client side

 

Correct Answer: A

 

 

QUESTION 330

Why do firewalls need to specially treat an active mode FTP session?

 

A.      The data channel is originating from a server side.

B.      The FTP client opens too many concurrent data connections.

C.      The FTP server sends chunks of data that are too big.

D.      The data channel is using a 7-bit transfer mode.

 

Correct Answer: A

 

Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers

Leave a Reply