[Free] Download New Latest (January 2016) Cisco 350-018 Real Exam 161-170

By | January 9, 2016

Ensurepass

QUESTION 161

Which three statements are true about the Cisco NAC Appliance solution? (Choose three.)

 

A.

In a Layer 3 OOB ACL deployment of the Cisco NAC Appliance, the discovery host must be configured as the untrusted IP address of the Cisco NAC Appliance Server.

B.

In a Cisco NAC Appliance deployment, the discovery host must be configured on a Cisco router using the “NAC discovery-host” global configuration command.

C.

In a VRF-style OOB deployment of the Cisco NAC Appliance, the discovery host may be the IP address that is on the trusted side of the Cisco NAC Appliance Server.

D.

In a Layer 3 IB deployment of the Cisco NAC Appliance, the discovery host may be configured as the IP address of the Cisco NAC Appliance Manager.

 

Correct Answer: ACD

 

 

QUESTION 162

Refer to the exhibit, which shows a partial output of the show command. Which statement best describes the problem?

 

clip_image002

 

A.

Context vpn1 is not inservice.

B.

There is no gateway that is configured under context vpn1.

C.

The config has not been properly updated for context vpn1.

D.

The gateway that is configured under context vpn1 is not inservice.

 

Correct Answer: A

 

 

QUESTION 163

Review the exhibit. Which three statements about the Cisco IPS sensor are true? (Choose three.)

 

clip_image004

 

A.

A

B.

B

C.

C

D.

D

E.

E

 

Correct Answer: ACE

 

 

QUESTION 164

An internal DNS server requires a NAT on a Cisco IOS router that is dual-homed to separate ISPs using distinct CIDR blocks. Which NAT capability is required to allow hosts in each CIDR block to contact the DNS server via one translated address?

 

< td style="border-top-style: none; border-left-style: none; background: white; border-bottom-style: none; padding-bottom: 0cm; padding-top: 0cm; border-right-style: none; padding-left: 0cm; padding-right: 0cm" valign="top" width="708">

NAT port-to-application mapping

A.

NAT overload

B.

NAT extendable

C.

NAT TCP load balancing

D.

NAT service-type DNS

E.

 

Correct Answer: B

 

 

QUESTION 165

Refer to the exhibit. Which three command sets are required to complete this IPv6 IPsec site-to-site VTI? (Choose three.)

 

clip_image006

 

A.

interface Tunnel0

tunnel mode ipsec ipv6

B.

crypto isakmp-profile

match identity address ipv6 any

C.

interface Tunnel0

ipv6 enable

D.

ipv6 unicast-routing

E.

interface Tunnel0

ipv6 enable-ipsec

 

Correct Answer: ACD

 

 

QUESTION 166

Refer to the exhibit. Which option correctly identifies the point on the exhibit where Control Plane Policing (input) is applied to incoming packets?

 

clip_image008

 

A.

point 6

B.

point 7

C.

point 4

D.

point 1

E.

points 5 and 6

 

Correct Answer: A

 

 

QUESTION 167

Which QoS marking is only locally significant on a Cisco router?

 

A.

MPLS EXP

B.

DSCP

C.

QoS group

D.

IP precedence

E.

traffic class

F.

flow label

 

Correct Answer: C

 

 

 

QUESTION 168

Which three control plane subinterfaces are available when implementing Cisco IOS Control Plane Protection? (Choose three.)

 

A.

CPU

B.

host

C.

fast-cache

D.

transit

E.

CEF-exception

F.

management

 

Correct Answer: BDE

 

 

QUESTION 169

Management Frame Protection is available in two deployment modes, Infrastructure and Client. Which three statements describe the differences between these modes? (Choose three.)

 

A.

Infrastructure mode appends a MIC to management frames.

B.

Client mode encrypts management frames.

C.

Infrastructure mode can detect and prevent common DoS attacks.

D.

Client mode can detect and prevent common DoS attacks.

E.

Infrastructure mode requires Cisco Compatible Extensions version 5 support on clients.

 

Correct Answer: ABD

 

 

QUESTION 170

Which three object tracking options are supported by Cisco IOS policy-based routing? (Choose three.)

 

A.

absence of an entry in the routing table

B.

existence of a CDP neighbor relationship

C.

existence of an entry in the routing table

D.

results of an SAA operation

E.

state of the line protocol of an interface

 

Correct Answer: CDE

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …