Cisco 350-018 Exam - CertifySky.com
Free 350-018 Sample Questions:
1. How do TCP SYN attacks take advantage of TCP to prevent new connections from being established to a host under attack?
A. These attacks send multiple FIN segments forcing TCP connection release.
B. These attacks fill up a hosts' listen queue by failing to ACK partially opened TCP connections.
C. These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D. These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E. These attacks send TCP RST segments in response to connection SYN+ACK segments forcing SYN retransmissions.
2. What are two key characteristics of VTP? (Choose 2)
A. VTP messages are sent out all switchswitch connections.
B. VTP L2 messages are communicated to neighbors using CDP.
C. VTP manages addition, deletion, and renaming of VLANs 1 to 4094. D. VTP pruning restricts flooded traffic, increasing available bandwidth.
E. VTP V2 can only be used in a domain consisting of V2 capable switches.
F. VTP V2 performs consistency checks on all sources of VLAN information.
Answer: D, E
3. Whenever a failover takes place on the ASA running in failover mode, all active connections are dropped and clients must reestablish their connections unless
A. the ASA is configured for ActiveStandby failover.
B. the ASA is configured for ActiveActive failover.
C. the ASA is configured for ActiveActive failover and a state failover link has been configured.
D. the ASA is configured for ActiveStandby failover and a state failover link has been configured.
E. the ASA is configured to use a serial cable as the failover link. F. the ASA is configured for LANBased failover.
Answer: C, D
4. What are two important guidelines to follow when implementing VTP? (Choose 2)
A. CDP must be enabled on all switches in the VTP management domain.
B. All switches in the VTP domain must run the same version of VTP.
C. When using secure mode VTP, only configure management domain passwords on VTP servers.
D. Enabling VTP pruning on a server will enable the feature for the entire management domain. E. Use of the VTP multidomain feature should be restricted to migration and temporary implementation.
Answer: B, D
5. What two things must you do on the router before generating an SSH key with the "crypto key generate rsa" IOS command?
A. Configure the SSH version that the router will use
B. Configure the host name of the router
C. Enable AAA Authentication
D. Configure the default IP domain name that the router will use
E. Enable SSH transport support on the vty lines
Answer: B, D
6. When applying MD5 route authentication on routers running RIP or EIGRP, what two important key chain considerations should be accounted for?
A. The lifetimes of the keys in the chain should overlap.
B. No more than three keys should be configured in any single chain.
C. Routers should be configured for NTP to synchronize their clocks.
D. Key 0 of all key chains must match for all routers in the autonomous system.
E. Link compression techniques should be disabled on links transporting any MD5 "hash".
Answer: A, C
7. Which algorithms did TKIP add to the 802.11 specification? (Choose 3)
A. key mixing
B. AESbased encryption
C. antireplay sequence counter
D. message integrity check
E. cyclic redundancy check
Answer: A, C, D
8. According to RFC 3180, what is the correct GLOP address for AS 456?
9. A network administrator is using a LAN analyzer to troubleshoot OSPF router exchange messages sent to ALL OSPF ROUTERS. To what MAC address are these messages sent?
10. Which two IP multicast addresses belong to the group represented by the MAC address of 0x01005E156A2C?
Answer: A, C
11. How is the Cisco sensor software version 5.0 different from the version 4.0 release?
A. The monitoring system pulls events from the sensor
B. The sensor supports intrusion prevention functinality
C. The sensor pushes events to the monitoring system
D. The sensor uses RDEP E. The sensor software calculates a Risk Rating for alerts to reduce false positives
Answer: B, E
12. What is SDEE?
A. A Cisco proprietary protocol to transfer IDS events across the network
B. A protocol used by multiple vendors to transmit IDS events across the network
C. A queuing mechanism to store alerts
D. A mechanism to securely encode intrusion events in an event store E. A multipurpose encryption engine to symmetrically encrpt data across the network
13. Whenever a failover takes place on the ASA (configured for failover), all active connections are dropped and clients must reestablish their connections unless: (Choose 2)
A. The ASA is configured for ActiveStandby failover. B. The ASA is configured for ActiveActive failover.
C. The ASA is configured for ActiveActive failover and a state failover link has been configured.
D. The ASA is configured for ActiveStandby failover and a state failover link has been configured.
E. The ASA is configured to use a serial cable as the failover link. F. The ASA is configured for LANBased failover
Answer: C, D
14. What is true about a PreBlock ACL configured when setting up your sensor to perform IP Blocking?
A. The PreBlock ACL is overwritten when a blocking action is initiatied by the sensor
B. The blocking ACL entries generated by the sensor override the PreBlock ACL entries
C. The PreBlock ACL entries override the blocking ACL entries generated by the sensor
D. The PreBlock ACL is replaced by the PostBlock ACL when a blocking action is initiated by the sensor
E. You can not configure a PreBlock ACL when configuring IP Blocking on your sensor
15. Which of the following is true about the Cisco IOSIPS functionality? (Choose 2)
A. The signatures available are built into the IOS code.
B. To update signatures you need to install a new IOS image
C. To activate new signatures you download a new Signature Defiition File (SDF) from Cisco's web site
D. Loading and enabling selected IPS signatures is user configurable
E. Cisco IOS only provides Intrusion Detection functionality
F. Cisco IOSIPS requires a network module installed in your router running sensor software
Answer: C, D
16. What is the main reason for using the "ip ips denyaction ipsinterface" IOS command?
A. To selectively apply drop actions to specific interfaces
B. To enable IOS to drop traffic for signatures configured with the Drop action
C. To support loadbalancing configurations in which traffic can arrive via multiple interfaces
D. This is not a valid IOS command
17. By default, to perform IPS deny actions, where is the ACL applied when using IOSIPS?
A. To the ingress interface of the offending packet
B. To the ingress interface on which IOSIPS is configured
C. To the egress interface on which IOSIPS is configured
D. To the egress interface of the offending packet
E. To the ingress interface of the offending packet and the ingress interface on which IOSIPS is configured