100% Valid And Pass With latest Cisco 350-018 exam dumps, you will never fail your Cisco 350-018 exam. All the questions and answers are updated and added to the new version timely by our experts.Also now Cisco 350-018 is offering free Cisco 350-018 exam VCE player and PDF files for free on their website.
QUESTION 11
With Netflow configured and severals IPS, switches and routers and firewall devices imported into its database, CS-MARS will provide which of the following security features? (Choose four.)
A. Event Correlation to help identify attacks
B. Identification of hosts that generate abnormal amounts of traffic
C. Identify which hosts have CSA installed
D. Make mitifation recommendations to stop attacks
E. Draw a topology of your network
F. Pull SNMP traps from different devices
Correct Answer: ABDE
QUESTION 12
Which ones are the two types of ciphers?
A. Blocking cipher and non-blocing cipher
B. CBC cipher and EBC cipher
C. Block cipher and Stream cipher
D. Blocker cipher and Streamer cipher
E. 3DES cipher and AES cipher
Correct Answer: C
QUESTION 13
What Cisco technology protects agains Spanning-Tree Protocol manipulation?
A. Spanning Tree protect
B. Root Guard and BPDU Guard
C. Unicast Reverse Path Forwarding
D. MAC Spoof Guard
E. Port Security
Correct Answer: B
QUESTION 14
What is Chain of Evidence in the context of security forensics?
A. The concept that evidence is controlled in locked down, but not necessarily authenticated
B. The concept that evidence is controlled and accounted for as to not disrupt it authenticity and integrity
C. The concept that the general whereabouts of evidence is known
D. The concept that if a person has possession of evidence someone knowns where the evidence is and can say who had it if it is not logged
Correct Answer: B
QUESTION 15
Exhibit:
You work as a network administrator at Certkiller .com. Please study the exhibit carefully. Referring to the debug shown, which two statements are true? (Choose two.) +
A. The Certkiller 1 (local ) router is the DR
B. Both Certkiller 1 (local) and the remote OSPF neighbor are not directly connected to Area 0
C. The Remote OSPF neighbor has an OSPF Router ID of 3.3.3.3
D. The OSPF neighbors are establishing a virtual link
E. The OSPF neighbors are using MD5 Authentication
Correct Answer: DE
QUESTION 16
What are two important guidelines to follow when implementing VTP? (Choose 2)
A. CDP must be enabled on all switches in the VTP management domain
B. All Switches in the VTP domain must run the same version of VTP
C. When using secure mode VTP, only configure managmenet domain passwords on VTP servers
D. Enabling VTP pruning on a server will enable the feature for the entire management domain
E. Use of the VTP multi-domain feature should be restricted to migration and temporary implementation
Correct Answer: BD
QUESTION 17
Which of the following statements are true regarding hashing?
A. MD5 produces a 160-bit result
B. SHA-256 is an extension to SHA-1 with a logner output
C. MD5 takes more CPU cycles to compute than SHA-1
D. Changing 1 bit of the input to SHA-1 changes 1 bit of the output
E. SHA-1 is stronger than MD5 because it can be used with a key to prevent modification
Correct Answer: BD QUESTION 18
Network Topology Exhibit:
You work as a network administrator at Certkiller .com. Please study the exhibit carefully.
A cisco Security Appliance has been inserted between a multicast source and its receiver, preventing
multicast traffic between them. What is the best solution to address this problem?
A. Configure the security appliance as an IGMP multicast client
B. Configure a GRE tunnel to allow the musticast traffic ti bypass the security appliance
C. Configure the security appliacen as the rendezvous point of the multicast network so that (*,G) trees tranverse it
D. Create a static route on the multicast source and receiver pointing to the outsisde and inside interface of the seucirty appliance respectively
E. Configure SMR so the seucirty appliacen becomes an IGMP proxy agent, forwarding IGMP messages from hosts to the upstream multicast router
Correct Answer: E
QUESTION 19
When implementing best practices for IP Source spoofing and defeating Denial of Service attacks with IP Source Address Spoofing, What RFC is commonly used ot protect your network?
A. RFC 1149
B. RFC 3704
C. RFC 1918
D. RFC 2827
Correct Answer: D
QUESTION 20
What is the function of the switch(Config-if)#switchport port-security mac-accress sticky command?
A. Allows the switch to restrict the MAC addresses on the switchport based on the static MAC addresses configured in the startup configuration
B. Allows the administrator to manually configured the secured MAC addresses on the switchport
C. Allows the switch to permanenetly store the secured MAC addresses in the MAC Address Table (CAM table)
D. Allows the switch to perform sticky learning where dynamically learned MAC addresses are copied from the MAC Address Table (CAM Table) to the startup configuration
E. Allows the Switch to dynamically learn the MAC addresses on the switchport and the MAC addresses will be added to the running configuration
Correct Answer: E QUESTION 21
Exhibit:
You work as a network administrator at Certkiller .com. Please study the exhibit carefully.
Referring to the partial IOS configuration shown in the exhibit, which two statements are true? (Choose
three.)
A. Ethernet0 is the trusted interface and Ethernet1 is the untrusted interface
B. All Outbound ICM traffic will be inspected by the IOS firewall
C. CBAC will create dynamic entries in ALC 101 to permit in return traffic
D. ACL 101 needs to have at least one permit statement in ti or it will not work properly
E. Ethernet0 needs to inbound access-list to make the configuration work
F. Ethernet0 needs an outbound access-list to make the configuration work
Correct Answer: ACD
QUESTION 22
Cisco Clean Access ensures that computers connecting to your network have which of the following?
A. No Viruable applications or operating system
B. No Viruses or worms
C. Appropriate security applications and patch levels
D. Current IPS signatures
E. Cisco Security Agent
Correct Answer: C
QUESTION 23
With the Cisco’s IOS Authenticaton Proxy feature, users can initiate network access via which three protocols? (Choose three.)
A. IPSec
B. HTTP/HTTPS
C. L2TP
D. FTP
E. TELNET
F. SSH
Correct Answer: ABD
QUESTION 24
DRAG DROP
You work as a network engineer at Certkiller .com. Your boss, Miss Certkiller, is interested in Server attack
methods. In particular attacks performed by predicting the Server’s TCP ISN (Initial Sequence Number).
Place the appropriate steps in the correct order. Choose only steps that apply.
A.
B.
C.
D.
Correct Answer:
QUESTION 25
Exhibit: You work as a network administrator at Certkiller .com. Please study the exhibit carefully. A cisco 10/100/1000 mbps switch is inserted in a small office network. The two servers and three user workstations are configured as shown in the diagram. After inserting the switch, server to server communication is fine but performance and communication to/from user workstation is poor. What is the most likely cuasae of these problems?
A. Bad or faulty Ethernet NICs on the user PCs
B. Connections to user workstations improperly configured as Trunk ports
C. Bad or faulty Ethernet ports/controllers on the Cisco 10/100/1000 switch
D. Failure to configure user workstation interfaces for spanning tree portfast
E. Auto negotiation failure causing duplex mismatches only on 100Mbps interfaces
Correct Answer: E
QUESTION 26
Which of the following signatures was created by an IPS administrator using the custom signature creation capability of IPS?
A. 2000 – ICMP Echo Reply
B. 3050 – Half-open SYN attack
C. 12000 – Gator Spyware Beacon
D. 9000 – TCP Backdoor Probe
E. 6000 – BitTorrent File Download
Correct Answer: E
QUESTION 27
What is NTP curcial for?
A. Accurate Logging
B. Time Zone
C. Validating Certificates
D. Routing Updates
E. Kerberos Tickets
F. Clock
Correct Answer: ACE
QUESTION 28
The following is an example of an IPSEc error message: IPSEC(validat_proposal): invlaid local addres 192.1.1.1 ISAKMP ():3): atts not acceptable Next Payload is 0 ISAKMP (0:3): SA not acceptable!
What is the most common problem that this message can be attributed to?
A. Router is missing the crypto man map-name local-address command
B. Cryptoo access-lists are not mirrored on each side
C. This is only an informational message, ipsec session will still succed
D. Crypto man is applied to the wrong interface or is not applied at all
Correct Answer: D
QUESTION 29
Which of the following is an example of security technology that could be enabled by Netflow?
A. Anomaly Detection
B. SYN Cookies
C. Application Inspection
D. Content Filtering
E. Anti-x Protection
F. Anti Virus
Correct Answer: A
QUESTION 30
With PGP, which of the following entity signs a users public key?
A. The sender of the message
B. The receipient of the message
C. The sender’s administrator who provides the sender with the PGP program
D. A third party that belongs to what’s often known as “web of trust” that can verify the relationship between the user and the key
E. The vendor of the PGP program
Correct Answer: D
Whenever Cisco candidates take a tour of sample questions of Cisco 350-018 exam they find their training to be matchless to great extent.Passing the Cisco 350-018 on your own can be a difficult task,but with Cisco 350-018 preparation products,many candidates who appeared online passed Cisco 350-018 easily.