Important Info — Cisco 350-018 new study guide are designed to help you pass the exam in a short time.Everything you need can be found in the new version Cisco 350-018 exam dumps.Visit Flydumps.com to get more valid information.
QUESTION 80
Which three of these are among the implicit IPv6 ACL rules in Cisco IOS allowing ICMPv6 neighbor discovery? (Choose three.)
A. permit icmp any any nd-na
B. deny icmp any any nd-na
C. permit icmp any any nd-ns
D. deny icmp any any nd-nn “Pass Any Exam. Any Time.” – www.actualtests.com 31
E. permit ipv6 any any
F. deny ipv6 any any
Correct Answer: ACF
QUESTION 81
Which three of these make use of a certificate as part of the protocol? (Choose three.)
A. EAP-MD5
B. EAP-TLS
C. EAP-TTLS
D. EAP-FAST
E. EAP-PEAP
F. LEAP
Correct Answer: BCD
QUESTION 82
DNS Security Extension (DNSSEC) adds security functionality to the Domain Name System for which three purposes? (Choose three.)
A. origin authentication of DNS data
B. protection against denial of service (DoS) attacks
C. integrated data encryption using ESP
D. inclusion of the authorization flag in the DNS lookup
E. providing of confidentiality of data
F. data integrity ActualTests.com
Correct Answer: ADF
QUESTION 83
You run the show ipv6 port-map telnet command and you see that the port 23 (system-defined) message and the port 223 (user-defined) message are displayed. Which command is in the router configuration?
A. ipv6 port-map port telnet 223
B. ipv6 port-map port 23 port 23223
C. ipv6 port-map telnet port 23 233 “Pass Any Exam. Any Time.” – www.actualtests.com 32
D. ipv6 port-map telnet port 223
Correct Answer: D
QUESTION 84
The Extension Mechanisms for DNS (EDNS0) header bit is now required to support larger DNS message sizes for which of these reasons?
A. to allow walking of the Resource Record Signature (RRSIG) for a domain name space
B. to ensure that the authority section is always present
C. to enable lookup for IPv6 AAAA records
D. to enable lookup for DNSSEC resource records
E. to provide a place for TXT resource records larger than 900 bytes
Correct Answer: D
QUESTION 85
The SSL VPN implementation on a Cisco ASA adaptive security appliance supports which three of these features? (Choose three.)
A. sending TCP and UDP traffic through a smart tunnel
B. sending TCP and UDP traffic through port forwarding
C. sending TCP-only traffic through a smart tunnel
D. sending TCP-only traffic through port forwarding
E. establishing a Winsock 2 connection between the client and the server through port forwarding
F. establishing a Winsock 2 connection between the client and the server through smart tunnels ActualTests.com
Correct Answer: CDF
QUESTION 86
Which of these statements is true about EIGRP?
A. It conserves network bandwidth by using periodic, incremental updates to propagate network changes to its neighbors.
B. It can install up to eight equal-cost paths to a given destination in its routing table.
C. It is possible for two EIGRP routers to become neighbors even if the hello and hold timers do not match.
D. EIGRP updates can be sent between two discontiguous autonomous systems via a virtual link. “Pass Any Exam. Any Time.” – www.actualtests.com 33
E. EIGRP packets can be both authenticated and encrypted to ensure that the information exchange is reliable and confidential.
Correct Answer: A
QUESTION 87
Which three of these are performed by both RADIUS and TACACS+ servers? (Choose three.)
A. login authentication
B. EXEC authorization
C. command authorization
D. EXEC accounting
E. command accounting
Correct Answer: ABD
QUESTION 88
CustomerA wants to synchronize the time on all its routers using NTP. CustomerA knows the NTP master is at address 1.1.1.1, and is using MD5 authentication with a password of “cisco123.” Assuming timezone settings are already configured, which four of these commands does the customer need to configure on each router to correctly synchronize the device with the NTP master? (Choose four.)
A. ntp encryption md5
B. ntp server 1.1.1.1 key 1
C. ntp authenticate
D. ntp trusted-key 1 ActualTests.com
E. ntp enable
F. ntp authentication-key 1 md5 cisco123
Correct Answer: BCDF
QUESTION 89
Which two statements about RADIUS are true? (Choose two.)
A. The RADIUS server must use TCP for its connection to the NAS.
B. The RADIUS server must use UDP for its connection to the NAS.
C. The NAS connection to the RADIUS server encrypts the entire packet, but the header is unencrypted.
“Pass Any Exam. Any Time.” – www.actualtests.com 34
D. The NAS connection to the RADIUS server encrypts the password in an Access-Request packet only.
E. The NAS connection to the RADIUS server encrypts the password in the Accounting-Request packet only
Correct Answer: BD
QUESTION 90
Which of these communications mechanisms can be used between Cisco Security Device Manager (SDM) and a Cisco router in addition to HTTP or HTTPS to read and write the router configurations?
A. Telnet/SSH
B. FTP/Telnet/SSH
C. SFTP/Telnet/SSH
D. FTP/SSH
E. SFTP/SSH
Correct Answer: A
All our Cisco products are up to date! When you buy any Cisco 350-018 product from Certpaper, as “Cisco 350-018 Questions & Answers with explanations”,you are automatically offered the Cisco 350-018 updates for a total of 90 days from the day you bought it.If you want to renew your Cisco 350-018 purchase during the period of these 90 days,your Cisco 350-018 product is renewed and you are further enabled to enjoy the free Cisco updates.