Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Cisco Official New Released 350-018
100% Free Download! 100% Pass Guaranteed!
CCIE Security Exam (v4.1)
Question No: 361 – (Topic 4)
Which two statements about the multiple context mode running Version 9.x are true? (Choose two.)
-
RIP is not supported.
-
An interface cannot be shared by multiple contexts.
-
Remote access VPN is supported.
-
Only the admin and context configuration files are supported.
-
OSPFv3 is supported.
-
Multicast feature is supported
-
Site-To-Site VPN feature is supported
Answer: A,G
Question No: 362 – (Topic 4)
Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.)
-
LEAP
-
EAP-TLS
-
PEAP
-
EAP-TTLS
-
EAP-FAST
Answer: C,D,E
Question No: 363 – (Topic 4)
Which three HTTP header fields can be classified by NBAR for request messages? (Choose three.)
-
User-Agent
-
Server
-
Referrer
-
Content-Encoding
-
Location
-
From
Answer: A,C,F
Question No: 364 – (Topic 4)
Which four types of VPN natively provide encryption of user traffic? (Choose four.)
-
MPLS
-
IPsec
-
L2TPv3
-
SSL
-
VPLS
-
AToM
-
GETVPN
-
Microsoft PPTP
Answer: B,D,G,H
Question No: 365 – (Topic 4)
What is needed to verify a digital signature that was created using an RSA algorithm?
-
public key
-
private key
-
both public and private key
-
trusted third-party certificate
Answer: A
Question No: 366 – (Topic 4)
After a client discovers a supportable wireless network, what is the correct sequence of operations that the client will take to join it?
-
association, then authentication
-
authentication, then association
-
probe request, then association
-
authentication, then authorization
Answer: B
Question No: 367 – (Topic 4)
Which two statements about an authoritative server in a DNS system are true? (Choose two.)
-
It indicates that it is authoritative for a name by setting the AA bit in responses.
-
It has a direct connection to one of the root name servers.
-
It has a ratio of exactly one authoritative name server per domain.
-
It cannot cache or respond to queries from domains outside its authority.
-
It has a ratio of at least one authoritative name server per domain.
Answer: A,E
Question No: 368 – (Topic 4)
Hierarchical priority queuing is used on the interfaces on which you enable a traffic-shaping queue. Which two statements about hierarchical priority queuing are true? (Choose two.)
-
Priority packets are never dropped from the shape queue unless the sustained rate of priority traffic exceeds the shape rate.
-
For IPsec-encrypted packets, you can match traffic based only on the DSCP or precedence setting.
-
IPsec over TCP is not supported for priority traffic classification.
-
For IPsec-encrypted packets, you cannot match traffic based on the DSCP or precedence setting.
-
IPsec over TCP is supported for priority traffic classification.
Answer: B,C
Question No: 369 – (Topic 4)
A Cisco IOS router is configured as follows: ip dns spoofing 192.168.20.1
What will the router respond with when it receives a DNS query for its own host name?
-
The router will respond with the IP address of the incoming interface.
-
The router will respond with 192.168.20.1 only if the outside interface is down.
-
The router will respond with 192.168.20.1.
-
The router will ignore the DNS query and forward it directly to the DNS server.
Answer: B
Question No: 370 – (Topic 4)
Which IPv4 header field usually increments for each subsequent packet sent?
-
Flag
-
Fragment Offset
-
Identification
-
Time To Live
Answer: C
100% Ensurepass Free Download!
–350-018 PDF
100% Ensurepass Free Guaranteed!
–350-018 Dumps
| EnsurePass | ExamCollection | Testking | |
|---|---|---|---|
| Lowest Price Guarantee | Yes | No | No |
| Up-to-Dated | Yes | No | No |
| Real Questions | Yes | No | No |
| Explanation | Yes | No | No |
| PDF VCE | Yes | No | No |
| Free VCE Simulator | Yes | No | No |
| Instant Download | Yes | No | No |