[Free] 2018(June) Ensurepass Cisco 350-018 Dumps with VCE and PDF 251-260

Ensurepass.com : Ensure you pass the IT Exams
2018 May Cisco Official New Released 350-018
100% Free Download! 100% Pass Guaranteed!

CCIE Security Exam (v4.1)

Question No: 251 – (Topic 4)

Which two statements describe GRE? (Choose two.)

  1. GRE acts as passenger protocol for a Layer 3 transport protocol.

  2. GRE acts as a tunneling protocol and encapsulates other protocols.

  3. GRE provides data confidentiality.

  4. Packet MTU must be adjusted to accommodate GRE overhead.

  5. GRE does not allow multicast to be sent across the tunnel.

  6. The GRE tunnel interface remains down until it can see the remote tunnel end.

Answer: B,D

Question No: 252 – (Topic 4)

Refer to the exhibit.

Ensurepass 2018 PDF and VCE

Which option describes the behavior of this configuration?

  1. Traffic from the 30.30.0.0/16 network to the 10.10.0.0/32 network will be translated.

  2. Traffic from the 30.30.0.0/32 network to the 10.10.0.0/16 network will not be translated.

  3. Traffic from the 10.10.0.0/16 network to the 30.30.30.0/24 network will not be translated.

  4. Traffic from the 10.10.0.0/32 network to the 30.30.30.0/16 network will be translated.

Answer: C

Question No: 253 – (Topic 4)

What are two uses of an RSA algorithm? (Choose two.)

  1. Data encryption

  2. Digital signature verification

  3. Shared key generation

  4. Message hashing

Answer: A,B

Question No: 254 – (Topic 4)

Which statement about PVLAN setup is true?

  1. The host that is connected to the community port can communicate with a host that is connected to a different community port.

  2. The host that is connected to the community port cannot communicate with hosts that are connected to the promiscuous port.

  3. The host that is connected to the community port cannot communicate with hosts that are connected to the isolated port.

  4. The host that is connected to the community port can only communicate with hosts that are connected to the same community port.

Answer: C

Question No: 255 – (Topic 4)

Which configuration implements an ingress traffic filter on a dual-stack ISR border router to prevent attacks from the outside to services such as DNSv6 and DHCPv6?

  1. !

    ipv6 access-list test deny ipv6 FF05::/16 any deny ipv6 any FF05::/16

    ! output omitted permit ipv6 any any

    !

  2. !

    ipv6 access-list test permit ipv6 any FF05::/16

    ! output omitted deny ipv6 any any

    !

  3. !

    ipv6 access-list test

    deny ipv6 any any eq dns deny ipv6 any any eq dhcp

    ! output omitted permit ipv6 any any

    !

  4. !

    ipv6 access-list test

    deny ipv6 any 2000::/3

    ! output omitted permit ipv6 any any

    !

  5. !

ipv6 access-list test deny ipv6 any FE80::/10

! output omitted permit ipv6 any any

!

Answer: A

Question No: 256 – (Topic 4)

The address of an inside client is translated from a private address to a public address by a NAT router for access to an outside web server. What term describes the destination address (client) after the outside web server responds, and before it hits the NAT router?

  1. inside local

  2. inside global

  3. outside local

  4. outside global

Answer: B

Question No: 257 – (Topic 4)

When you compare WEP to WPA (not WPA2), which three protections are gained? (Choose three.)

  1. a message integrity check

  2. AES-based encryption

  3. avoidance of weak Initialization vectors

  4. longer RC4 keys

  5. a rekeying mechanism

Answer: A,C,E

Question No: 258 – (Topic 4)

Which three steps are required to rekey the routers on a link without dropping OSPFv3 protocol packets or disturbing the adjacency? (Choose three.)

  1. For every router on the link, create an additional inbound SA for the interface that is being rekeyed using a new SPI and the new key.

  2. For every router on the link, replace the original outbound SA with one that uses the new SPI and key values.

  3. For every router on the link, remove the original inbound SA.

  4. For every router on the link, create an additional outbound SA for the interface that is being rekeyed using a new SPI and the new key.

  5. For every router on the link, replace the original inbound SA with one that uses the new SPI and key values.

  6. For every router on the link, remove the original outbound SA.

Answer: A,B,C

Question No: 259 – (Topic 4)

Which four attributes are identified in an X.509v3 basic certificate field? (Choose four.)

  1. key usage

  2. certificate serial number

  3. issuer

  4. subject name

  5. signature algorithm identifier

  6. CRL distribution points

  7. subject alt name

Answer: B,C,D,E

Question No: 260 – (Topic 4)

Which three features describe DTLS protocol? (Choose three.)

  1. DTLS handshake does not support reordering or manage loss packets.

  2. DTLS provides enhanced security, as compared to TLS.

  3. DTLS provides block cipher encryption and decryption services.

  4. DTLS is designed to prevent man-in-the-middle attacks, message tampering, and message forgery.

  5. DTLS is used by application layer protocols that use UDP as a transport mechanism.

  6. DTLS does not support replay detection.

Answer: C,D,E

100% Ensurepass Free Download!
Download Free Demo:350-018 Demo PDF
100% Ensurepass Free Guaranteed!
Download 2018 EnsurePass 350-018 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No