Download New Updated (Spring 2015) Cisco 350-018 Actual Tests 371-380

By | April 23, 2015

Ensurepass

 

 

QUESTION 371

When routing is configured on ASA, which statement is true?

 

A.

If the default route is not present, then the routing table is checked.

B.

If the routing table has two matching entries, the packet is dropped.

C.

If routing table has two matching entries with same prefix length, the first entry is used.

D.

If routing table has two matching entries with different prefix lengths, the entry with the longer prefix length is used.

 

Correct Answer: D

 

 

QUESTION 372

Which statement about the ASA redundant interface is true?

 

A.

It is a logical interface that combines two physical interfaces, both of which are active.

B.

It can only be used for failover links.

C.

By default, the first physical interface that is configured in the pair is the active interface.

D.

The redundant interface uses the MAC address of the second physical interface in the pair.

 

Correct Answer: C

 

 

QUESTION 373

Which two pieces of information are communicated by the ASA failover link? (Choose two.)

 

A.

unit state

B.

connections State

C.

routing tables

D.

power status

E.

MAC address exchange

 

Correct Answer: AE

 

 

QUESTION 374

When is a connection entry created on ASA for a packet that is received on the ingress interface?

 

A.

When the packet is checked by the access-list.

B.

When the packet reaches the ingress interface internal buffer.

C.

When the packet is a SYN packet or UDP packet.

D.

When a translation rule exists for the packet.

E.

When the packet is subjected to inspection.

 

Correct Answer: D

 

 

 

QUESTION 375

Which two statements about the multiple context mode running Version 9.x are true? (Choose two.)

 

A.

RIP is not supported.

B.

An interface cannot be shared by multiple contexts.

C.

Remote access VPN is supported.

D.

Only the admin and context configuration files are supported.

E.

OSPFv3 is supported.

F.

Multicast feature is supported

G.

Site-To-Site VPN feature is supported

 

Correct Answer: AG

 

 

QUESTION 376

Which two options describe how the traffic for the shared interface is classified in ASA multi context mode? (Choose two.)

 

A.

Traffic is classified at the source address in the packet.

B.

Traffic is classified at the destination address in the packet.

C.

Traffic is classified at the destination address in the context.

D.

Traffic is classified by copying and sending the packet to all the contexts.

E.

Traffic is classified by sending the MAC address for the shared interface.

 

Correct Answer: CE

 

 

QUESTION 377

Which two statements correctly describes ASA resource management in multiple context mode? (Choose two.)

 

A.

The class sets the resource maximum limit for a context to which it belongs.

B.

A resource cannot be oversubscribed or set to be unlimited in the class.

C.

The resource limit can only be set as a percentage in the class and not as an absolute value.

D.

Context belongs to a default class if not assigned to any other class.

E.

The default class provides unlimited access for all the resources.

 

Correct Answer: AD

 

 

QUESTION 378

Which two statements about ASA transparent mode are true? (Choose two.)

 

A.

Transparent mose acts as a Layer-3 firewall.

B.

The inside and outside interface must be in a different subnet.

C.

IP traffic will not pass unless it is permitted by an access-list.

D.

ARP traffic is dropped unless it is permitted.

E.

A configured route applies only to the traffic that is originated by the ASA.

F.

In multiple context mode, all contexts need to be in transparent mode.

 

Correct Answer: CE

QUESTION 379

Which statement correctly describes a botnet filter category?

 

A.

Unlisted addresses: The addresses are malware addresses that are not identified by the dynamic database and are hence defined statically.

B.

Ambiguous addresses: In this case, the same domain name has multiple malware addresses but not all the addresses are in the dynamic database. These addresses are on the graylist.

C.

Known malware addresses: These addresses are identified as blacklist addresses in the dynamic database and static list.

D.

Known allowed addresses: These addresses are identified as whitelist addresses that are bad addresses but still allowed.

 

Correct Answer: C

 

 

QUESTION 380

Refer to the exhibit. Why does the EasyVPN session fail to establish between the client and server?

 

clip_image002

 

A.

incomplete ISAKMP profile configuration on the server

B.

incorrect IPsec phase-2 configuration on the server

C.

incorrect group configuration on the client

D.

ISAKMP key mismatch

E.

incorrect ACL in the ISAKMP client group configuration

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …