FLYDUMPS have full confident of helping you pass your Cisco 350-018 exam. FLYDUMPS’S sproducts come with a 100% guarantee of success. Cisco 350-018 exam is a very valuable exam of Cisco Specialist certification. This exam is one of the most important and top of the line certifications for the IT professionals. Cisco 350-018 Q&As are also available on the internet. The very concept of Cisco 350-018 exam sample questions is to introduce the candidates with the questions of utmost importance with regard to their IT certification exam.

QUESTION 50
When an IPS device in single interface VLAN-pairing mode fires a signature from the normalizer engine and TCP-based packets are dropped, which of the following would be a probable cause?
A. The IPS device identified an incorrect value in layer 7.
B. There was no information in the IPS state table for the connection.
C. The IPS device identified an incorrect value in layer 6.
D. There was a valid SYN ACK in the state table but the subsequent packets were fragmented and did not constitute a valid flow.
E. The IPS device identified an incorrect value in layer 5.
Correct Answer: BD
QUESTION 51
Which statement is true about SYN cookies?
A. State is kept on the server machine TCP stack.
B. No State is kept on the server machine state and is embedded in the systems Initial Sequence Number (ISN).
C. SYN cookies do not help to protect against SYN flood attacks.
D. A system has to check every incoming ACK against state tables.

Correct Answer: B QUESTION 52
Refer to the Exhibit. Which of the following R1 router configurations will correctly prevent R3 from becoming a PIM neighor with rendezvous point R1?

A. access-list 1 deny 192.168.1.3 255.255.255.255 ! interface fa0/0 ip pim neighbor-filter 1
B. access-list 1 permit 192.168.1.2 255.255.255.255 access-list 1 deny any ! interface fa0/0 ip pim bidir-neighbor-filter 1
C. access-list 1 deny 192.168.1.3 255.255.255.255 ! interface fa0/0 ip igmp access-group 1
D. access-list 1 permit 192.168.1.2 255.255.255.255 ! interface fa0/0 ip multicast boundary 1 filter-autorop
E. access-list 1 permit 192.168.1.3 255.255.255.255 ip pim rp-announce-filter rp-list 1

Correct Answer: A
QUESTION 53
Asymmetric and symmetric ciphers differ in which of the following way(s)? (Choose 2)
A. Asymmetric ciphers use pre-shared keys.
B. Symmetric ciphers are faster to compute.
C. Asymmetric ciphers are faster to compute.
D. Asymmetric ciphers use public and private keys.
Correct Answer: BD
QUESTION 54
The key lengths for DES and 3DES, respectively, are:
A. 128 bits and 256 bits.
B. 128 bits and 384 bits.
C. 1024 bits and 3072 bits.
D. 64 bits and 192 bits.
E. 56 bits and 168 bits.
F. 128 bytes and 384 bytes.

Correct Answer: E
QUESTION 55
When enrolling a Cisco IOS router to a CA server using the SCEP protocol, which one of the following is NOT a required step?
A. Configure an ip domain-name on the router
B. Generate the RSA key pairs on the router.
C. Define the crypto pki trustpoint on the router.
D. Authenticate the CA server’s certificate.
E. Import the server certificate to the router using TFTP.

Correct Answer: E
QUESTION 56
RFC 2827 ingress filtering is used to help prevent which type of attacks?
A. Syn Flood.
B. Source IP address spoofing
C. Overlapping IP Fragments.
D. Tiny IP Fragments
E. Land.C
F. Network Reconnaissance.

Correct Answer: B
QUESTION 57
Low and slow reconnaissance scans used to gain information about a system to see if it is vulnerable to an attack can be stopped with which of the following Cisco products?
A. ASA syn protection
B. ASA ICMP application inspection.
C. CSA quarantine lists.
D. IPS syn attack signatures.
E. Cisco Guard
Correct Answer: C
QUESTION 58
Cisco Clean Access ensures that computers connecting to your network have which of the following?
A. No vulnerable applications or operating systems
B. No viruses or worms
C. Appropriate security applications and patch levels.
D. Current ips signatures.
E. Cisco Security Agent

Correct Answer: C QUESTION 59
The following ip protocols and ports are commonly used in IPSec protocols.
A. IP protocol 50 and 51, UDP port 500 and 4500
B. UDP ports 50, 51, 500, and 4500
C. TCP ports 50, 51, 500, and 4500
D. IP protocols 50, 51, 500, and 4500
E. IP protocols 50 and 51, UDP port 500, and TCP port 4500

Correct Answer: A QUESTION 60
Refer to the Exhibit. Router R1 is stuck in 2-WAY state with neighbors R2 and R3. As a result R1 has an incomplete routing table. To troubleshoot the issue, the show and debug commands in the exhibit are entered on R1. Based on the output of these commands what is the most likely cause of this problem?

A. The hello timers on the segment between these routers do not match.
B. All the routers on the Ethernet segment have been configured with “ip ospf priority 0”
C. R1 can not form an adjacency with R2 or R3 because it does not have a matching authentication key.
D. The Ethernet 0/0 interfaces on these routers are missing the “ip ospf network broadcast” command.
E. The Ethernet 0/0 interfaces on R1 has been configured with the command, “ip ospf network non-broadcast”.

Correct Answer: B
QUESTION 61
Based on the following partial configuration shown, which statement is true?
interface FastEthernet0/1 switchport access vlan 100 switchport mode access dot1x port-control auto dot1x guest-vlan 10
A. vlan 10, the guest vlan is also known as the restricted vlan
B. client without an 802.1x supplicant connecting to port fa0/1 will be assigned to the vlan 10
C. client connecting to port fa0/1 with an 802.1x supplicant but fails authentication will be assigned to the vlan
10.
D. client connecting to port fa0/1 with an 802.1x supplicant but fails authentication will be assigned to the vlan 100
E. EAP over LAN frames will flow over VLAN 10

Correct Answer: B
QUESTION 62
Referring to the network diagram and the partial router’s configuration shown, which packet will be permitted by ACL 101?

A. Any TCP packets with the initial SYN or ACK bit set destined to a host on the 10.2.1.0/24 subnet.
B. A HTTP packet with the SYN bit set destined to a host on the 10.2.1.0/24 subnet.
C. A TFTP packet with the RST bit set destined to a host on the 10.2.1.0/24 subnet.
D. An ICMP echo-reply packet destined to a host on the 10.2.1.0/24 subnet
E. Any TCP packet with the ACK bit set destined to a host on the 10.2.1.0/24 subnet.
F. Any TCP return traffic destined to a host on the 10.2.1.0/24 subnet that matches a corresponding outgoing TCP connection in the router’s firewall state table.

Correct Answer: E
QUESTION 63
What is the function of the switch(config-if)# switchport port-security mac-address sticky comand?
A. allows the switch to restrict the MAC addresses on the switchport based on the static MAC addresses configured in the startup configuration.
B. allows the administrator to manually configured the secured MAC addresses on the switchport.
C. allows the switch to permanently store the secured MAC addresses in the MAC Address Table (CAM Table)
D. allows the switch to perform sticky learning where the dynamically learned MAC addresses are copied from the MAC Address Table (CAM Table) to the startup configuration.
E. allows the switch to dynamically learn the MAC addresses on the switchport and the MAC addresses will be added to the running configuration.

Correct Answer: E
QUESTION 64
Drop

A.
B.
C.
D.

Correct Answer:
QUESTION 65
Which statement below is true about the command “nat control” on the ASA?
A. It requires traffic originating from the inside interface to match a NAT translation rule to pass through the firewall on the outside interface.
B. It allows traffic originating from the inside interface to pass through the firewall on the outside interface without a NAT translation rule being matched.
C. It requires traffic passing through the firewall on interfaces of the security level to match a NAT translation rule.
D. It allows traffic originating from the outside interface to pass through the firewall on the inside interface without a NAT translation rule being matched.

Correct Answer: A
QUESTION 66
What is the most probable cause of the SSH debug messages?

A. Unsupported cipher
B. bad password
C. wrong user
D. SSH client not supported

Correct Answer: B QUESTION 67
What statement is true concerning PAT?
A. PAT keeps ports but rewrites address.
B. PAT provides access control.
C. PAT rewrites the source address and port.
D. PAT is the preferred method to map servers to external networks.

Correct Answer: C QUESTION 68
When configuring system state conditions with the Cisco Security Agent, what is the resulting action when configuring more than one system state condition?
A. Any matching state condition will result with the state being triggered.
B. Once a state condition is met, the system ceases searching further conditions and will cause the state condition to trigger.
C. All specified state conditions are used as part of the requirements to be met to for the state to trigger.
D. Once the state conditions are met, they become persistent and can only be removed using the Reset feature.

Correct Answer: C QUESTION 69
Which of the following is the correct diagram for an IPsec Authentication Header?
A. C

Correct Answer: A QUESTION 70
In the example shown, Host A has attempted a D-COM attack using metasploit form Host A to Host B. Which answer best describes how event logs and IPS alerts can be used in conjunction with each other to determine if the attack was successful? (Choose 3)

A. CS-MARS will collect the syslog and the IPS alerts based on time.
B. The IPS event will suggest that an attack may have occurred because a signature was triggered.
C. IPS and ASA will use the Unified Threat Management protocol to determine that both devices saw the attack.
D. ASA will see the attack in both directions and will be able to determine if an attack was successful.
E. The syslog connection built event will indicate that an attack is likely because a TCP syn and an ack followed the attempted attack.
Correct Answer: ABE
QUESTION 71
Drop A.

B.
C.
D.

Correct Answer:
QUESTION 72
When implementing internet standards you are required to follow RFC’s processes and procedures based on what RFC?
A. RFC 1769 and mere publications.
B. Real standards of RFC 1918
C. RFC 1669 real standards and mere publications.
D. Real standards and mere publications RFC 1769
E. None of the above.

Correct Answer: E
QUESTION 73
Which two of followings are correct regarding the Cisco Trust Agent (CTA)? (Choose two.)
A. Available on Windows operating systems only.
B. Provides the capability at the endpoint to apply QoS markings to application network traffic as specified by Cisco Trust Agent policy rules.
C. Can communicate the Cisco Security Agent (CSA) version, OS and patch version, as well as the presence, version, and other posture information of third-party applications that are part of the NAC initiative to the Authentication Server.
D. Includes both a Layer 3 communication component using EAP over UDP, as well as an 802.1x supplicant, allowing layer 2 EAP over LAN communications.
E. Resides between the applications and the Operating System Kernel to prevent day zero attacks.

Correct Answer: CD
QUESTION 74
ASDM on the ASA platform is executed as:
A. An active-x application or a java script application.
B. A java script application and a PHP application
C. A fully compiled NET framework applicaton.
D. A fully operational Visual Basic applicaton.
E. A java applet running in the context of your browser or a stand alone application using the java run-time environment.

Correct Answer: E
QUESTION 75
With the Cisco’s IOS Authentication Proxy feature, users can initiate network access via which three protocols? (Choose three)
A. IPSec
B. HTTP/HTTPS
C. L2TP
D. FTP
E. TELNET
F. SSH

Correct Answer: BDE
QUESTION 76
Which of the following describes the DHCP “starvation” attack?
A. Exhaust the address space available on the DHCP servers so an attacker can inject their own DHCP server to serve addresses for malicious reasons.
B. Saturate the network with DHCP requests preventing other network services working.
C. Inject a DHCP server on the network for the purpose of overflowing DNS servers with bogus learned host names.
D. DHCP starvation is the act of sending DHCP-response packets for the purpose of overloading layer two CAM tables.
Correct Answer: A
QUESTION 77
Which should be the key driver for a company security policy’s creation, implementation and enforcement?
A. the business knowledge of the IT staff
B. the technical knowledge of the IT staff
C. the company’s business objectives.
D. the company’s network topology
E. the IT future directions.
Correct Answer: C
QUESTION 78
What Cisco technology protects against Spanning-Tree Protocol manipulation?
A. Spanning tree protect.
B. Root Guard and BPDU Guard.
C. Unicast Reverse Path Forwarding
D. MAC spoof guard.
E. Port Security.

Correct Answer: B
QUESTION 79
An administrator is troubleshooting a new ASDM configured security appliance. A remote user is trying to establish a web session with the dmz1_host and the in_host from a PC on the outside network. The remote user is able to establish a FTP connection with the in_host successfully from the outside. However, they are unable to connect to the dmz1_host with an IP address of 192.168.1.4 from their outside PC. The administrator checked the access-lists and they were correct.
The next step was to check the security appliance interfaces and NAT configuration screens. From information present on the ASDM screens, what appears to be the issue why the remote user can not create a web session with the dmz1_host?

A. If the remote user can not connect to dmz1_host using the 192.168.1.4, the administrator should check the remote user’s PC configuration.
B. The administrator should select “enable traffic through the firewall without address translation” checkbox.
C. The administrator should enable Inter-interface routing.
D. With Nat-control disabled, the end user should target the real dmz1_host IP address.

Correct Answer: C
QUESTION 80
When configuring IOS firewall (CBAC) operations on Cisco routers, the “inspectin rule” could be applied at which two locations? (Choose two.)
A. at the untrusted interface in the inbound direction
B. at the untrusted interface in the outbound direction
C. at the trusted interface in the inbound direction
D. at the trusted interface in the outbound direction
E. at the trusted and untrusted interface in the inbound direction
F. at the trusted and untrusted interface in the outbound direction

Correct Answer: BC
QUESTION 81
By default, to perform IPS deny actions, where is the ACL applied when using IOS-IPS?
A. To the ingress interface of the offending packet.
B. To the ingress interface on which IOS-IPS is configured.
C. To the egress interface on which IOS-IPS is configured.
D. To the egress interface of the offending packet
E. To the ingress interface of the offending packet and the ingress interface on which IOS-IPS is configured.

Correct Answer: A
QUESTION 82
If you perform a network trace of a ping going through an IPSec/3-DES tunnel, what would be true with respect to the appearence of a tunneled/encrypted packets?
A. The encryption key changes for each packet, resulting in a unique packet for each transmission.
B. The same key is used, but an index vector is used by IPSec to offset the key, resulting in a unique packet for each transmission.
C. The packets will likely be the same except for TTL and the sequence number.
D. A characteristic of 3-DES ensures that no two packets are alike.
E. The only way to ensure that packets are unique is to use AH as a header protocol.

Correct Answer: B
QUESTION 83
Cisco IOS IPS sends IPS alert messages using which two protocols? (Choose two.)
A. SDEE
B. LDAP
C. SYSLOG
D. FTP
E. SNMP
F. SMTP
Correct Answer: AC
QUESTION 84
What is true about a Pre-Block ACL configured when setting up your sensor to perform IP Blocking?
A. The Pre-Block ACL is overwritten when a blocking action is initiatied by the sensor.
B. The blocking ACL entries generated by the sensor override the Pre-Block ACL entries.
C. The Pre-Block ACL entries override the blocking ACL entries generated by the sensor.
D. The Pre-Block ACL is replaced by the Post-Block ACL when a blocking action is initiated by the sensor.
E. You can not configure a Pre-Block ACL when configuring IP Blocking on your sensor.

Correct Answer: C
QUESTION 85
Refer to the Exhibit. What as-path access-list regular expression should be applied no R2 as a neighbor filter-list to only allow updates with an origin of AS65503?

A. 65503
B. _65503_
C. ^65503$
D. _65503$
E. ^65503.*
F. _65503.?$

Correct Answer: E
QUESTION 86
For a router to obtain a certificate from a CA, what is the first step of the certificate enrollment process?
A. the router generages a certificate request and forwards it to the CA.
B. the router generages an RSA key pair
C. the router sends its public key to the CA.
D. the CA sends its public key to the router.
E. the CA verifies the identity of the router.
F. the CA generates a certificate request and forwards it to the router.

Correct Answer: B
QUESTION 87
Why is NTP an important component when implementing IPSec VPN in a PKI environment?
A. To ensure the router has the correct time when generating its private/public key pairs.
B. To ensure the router has the correct time when checking certificate validity form the remote peers.
C. To ensure the router time is sync with the remote peers for encryption keys generation.
D. To ensure the router time is sync with the remote peers during the DH exchange
E. To ensure the router time is sync with the remote peers when generating the cookies during IKE phase
1.
Correct Answer: B
QUESTION 88
Which of the following is true about the Cisco IOS-IPS functionality? (Choose 2) A. The signatures available are built into the IOS code.
B. To update signatures you need to install a new IOS image.
C. To activate new signatures you download a new Signature Defition File (SDF) from Cisco’s web site
D. Loading and enabling selected IPS signatures is user configurable.
E. Cisco IOS only provides Intrusion Detection functionality.
F. Cisco IOS-IPS requires a network module installed in your router running sensor software.

Correct Answer: CD
QUESTION 89
When configuring the FWSM for multiple security context in which context do you allocate interfaces?
A. Context A
B. System context
C. Admin context
D. Both b and c

Correct Answer: B

Looking to become a certified Cisco professional? Would you like to reduce or minimize your Cisco 350-018 certification cost? Do you want to pass all of the Cisco 350-018 certification? If you answered YES, then look no further. Flydumps.com offers you the best Microsoft exam certification test questions which cover all core topics and certification requirements.

Previous post Cisco 640-802 Certification Exam, Best Quality Cisco 640-802 PDF Dumps Will Be More Popular
Next post Cisco 642-972 Exam Description, Easily To Pass Cisco 642-972 Certification Latest Version PDF&VCE