Issuu on Google+

350-018

CCIE Pre-Qualification Test for Security


350-018

QUESTION NO: 547

When a DHCP server offers an IP address to a client, which field is populated with the client's IP address?

A. CIADDR B. YIADDR C. SIADDR D. GIADDR E. CHADDR

    

 Answer:

B


350-018

QUESTION NO: 548

 

Which four of these support mutual authentication? (Choose four.)

A. EAP-TTLS B. PEAP C. EAP-FAST D. EAP-MD5 E. EAP-SHA1 F. EAP-TLS

   

 Answer: A,B,C,F


350-018


350-018

QUESTION NO: 549

Which two of these statements are true about the Cisco Clean Access solution? (Choose two.)

A. When two Cisco Clean Access Managers (Cisco CAMs) are set up in failover, the "service IP address"is the IP address of the primary Cisco CAM.

B. If a single Cisco Clean Access Server (Cisco CAS) operating in in-band device mode dies, the traffic cannot pass through the hardware.

C. When a Cisco Clean Access Server (Cisco CAS) is unable to communicate with the Cisco CAM, users who are already connected will not be affected, but new users will not be able to log in.


350-018 

D. When a Cisco Clean Access Server (Cisco CAS) is unable to communicate with the Cisco

CAM, all users (previously authenticated users and new users) will pass traffic due to its default behavior of Fail Open.

E. The clock between the Cisco Clean Access Server (Cisco CAS) and the Cisco Clean Access Manager (Cisco CAM) must be synchronized for Active Directory single sign-on to work.

 Answer: B,C


350-018


350-018

QUESTION NO: 550

Which statement in reference to IPv6 multicast is true?

A. PIM dense mode is not part of IPv6 multicast. B. The first 12 bits of an IPv6 multicast address are always FF. C. IPv6 multicast uses Multicast Listener Discovery (MLD). D. IPv6 multicast requires Multicast Source Discovery Protocol (MSDP).

  

 Answer:

C


350-018

QUESTION NO: 551

What is the DNS transaction ID (TXID) used for?

A. tracking anomalous behaviors of name servers  B. tracking queries and responses to queries  C. Message TrackingQuery Protocol (MTQP)  D. tracking queries on behalf of another DNS resolver  E. tracking Time To Live (TTL) set in the RR 

 Answer: B


350-018


350-018

QUESTION NO: 552

A customer just deployed Cisco IOS firewall, and it has started to experience issues with applications timing out and overall network slowness during peak hours. The network administrator noticed the following syslog messages around the time of the problem: %FW-4-ALERT_ON: getting aggressive, count (501/500) current 1-min rate: 200 What could the problem be, and how might it be mitigated?

 

A. The DoS max half-open session threshold has been reached. Increase the threshold with the ip inspect maxincomplete high configuration.

B. The Cisco IOS Firewall session license limit has been exceeded. Obtain a new license with more sessions.


350-018

C. The router system resource limit threshold has been reached. Replace the router with one that has more memory and CPU power.

D. The aggregate virus detection threshold has been reached. Identify the affected host and patch accordingly.

E. The per-host new session establishment rate has been reached. Increase the threshold with the ip inspect tcp max-incomplete host configuration.

 Answer:

A


350-018


350-018

QUESTION NO: 553

All of these are predefined reports in the Cisco IPS Manager Express (Cisco IME) GUI except which one?

A. Attacks Overtime Report B. Top Victims Report C. Top Attacker Report D. Top Application Report E. Top Signature Report

   

 Answer:

D


350-018 

QUESTION NO: 554

 

A false negative represents which of these scenarios?

A. when an intrusion system generates an alarm after processing traffic that it is designed to Detect.

B. when an intrusion system generates an alarm after processing normal user traffic

C. when an intrusion system fails to generate an alarm after processing traffic thatit is designed to detect

D. when an intrusion system fails to generate an alarm after processing normal user traffic

 Answer: C 


350-018


350-018

QUESTION NO: 555

  During a computer security forensic investigation, a laptop

computer is retrieved that requires content analysis and information retrieval. Which file system is on it, assuming it has the default installation of Microsoft Windows Vista operating system?

    

A. HSFS B. WinFS C. NTFS D. FAT E. FAT32

 Answer: C


350-018

QUESTION NO: 556

 

Which of the following is used in PEAP to provide authentication for the EAP exchange?

A. RC4  B. TLS  C. SSH  D. AES  E. 3DES 

 Answer: B


350-018


350-018

QUESTION NO: 557

During a DoS attack, all of the data is lost from a user's laptop, and the user must now rebuild the system. Which tool can the user use to extract the Outlook PST file from the Microsoft Exchange server database?

A. NTbackup.exe  B. Exmerge.exe  C. Eseutil.exe  D. Ost2pst.exe 

 Answer: B


350-018


350-018


350-018


350-018


350-018

ď‚ž

For Complete real exam in just $39 go on

http://www.testbells.com/350-018.html


350-018 Study Guide