QUESTION 231
When you are configuring the COOP feature for GETVPN redundancy, which two steps are required to ensure the proper COOP operations between the key servers? (Choose two.)
A. |
Generate an exportable RSA key pair on the primary key server and export it to the secondary key server. |
B. |
Enable dead peer detection between the primary and secondary key servers. |
C. |
Configure HSRP between the primary and secondary key servers. |
D. |
Enable IPC between the primary and secondary key servers. |
E. |
Enable NTP on both the primary and secondary key servers to ensure that they are synchronized to the same clock source. |
Correct Answer: < /span>AB
QUESTION 232
A Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established. What is the best way to solve this issue?
A. |
The IP address that is assigned by the Cisco Easy VPN Server to the client must be on the same network as the local LAN of the client. |
B. |
The Cisco Easy VPN Server should apply split-tunnel-policy excludespecified with a split- tunnel-list containing the local LAN addresses that are relevant to the client. |
C. |
The Cisco Easy VPN Server must push down an interface ACL that permits the traffic to the local LAN from the client. |
D. |
The Cisco Easy VPN Server should apply a split-tunnel-policy tunnelall policy to the client. |
E. |
The Cisco Easy VPN client machine needs to have multiple NICs to support this. |
Correct Answer: B
QUESTION 233
During the establishment of an Easy VPN tunnel, when is XAUTH performed?
A. |
at the end of IKEv1 Phase 2 |
B. |
at the beginning of IKEv1 Phase 1 |
C. |
at the end of Phase 1 and before Phase 2 starts in IKEv1 and IKEv2 |
D. |
at the end of Phase 1 and before Phase 2 starts in IKEv1 |
Correct Answer: D
QUESTION 234
Which three traffic conditions can be matched when configuring single rate, dual token bucket traffic policing on Cisco routers? (Choose three.)
A. |
conform |
B. |
normal |
C. |
violate |
D. |
peak |
E. |
exceed |
F. |
average |
Correct Answer: ACE
QUESTION 235
A frame relay PVC at router HQ has a CIR of 768 kb/s and the frame relay PVC at router branch office has a CIR of 384 kb/s. Which QoS mechanism can best be used to ease the data congestion and data loss due to the CIR speed mismatch?
A. |
traffic policing at the HQ |
B. |
traffic policing at the branch office |
C. |
traffic shaping at the HQ |
D. |
traffic shaping at the branch office |
E. |
LLQ at the HQ |
F. |
LLQ at the branch office |
Correct Answer: C
QUESTION 236
Refer to the exhibit. A customer has an IPsec tunnel that is configured between two remote offices. The customer is seeing these syslog messages on Router B:
%CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=x, sequence number=y
What is the most likely cause of this error?
A. |
The customer has an LLQ QoS policy that is configured on the WAN interface of Router A. |
B. |
A hacker on the Internet is launching a spoofing attack. |
C. |
Router B has an incorrectly configured IP MTU value on the WAN interface. |
D. |
There is packet corruption in the network between Router A and Router B. |
E. |
Router A and Router B are not synchronized to the same timer source. |
Correct Answer: A
QUESTION 237
In ISO 27001 ISMS, which three of these certification process phases are required to collect information for ISO 27001? (Choose three.)
A. |
discover |
B. |
certification audit |
C. |
post-audit |
D. |
observation |
E. |
pre-audit |
F. |
major compliance |
Correct Answer: BCE
QUESTION 238
Which three statements regarding ISO 27002 and COBIT are correct? (Choose three.)
A. |
COBIT and ISO 27002 both define a best practices framework for IT controls. |
B. |
COBIT focuses on information system processes, whereas ISO 27002 focuses on the security of the information systems. |
C. |
ISO 27002 addresses control objectives, whereas COBIT addresses information security management process requirements. |
D. |
Compared to COBIT, ISO 27002 covers a broader area in planning, operations, delivery, support, maintenance, and IT governance. |
E. |
Unlike COBIT, ISO 27002 is used mainly by the IT audit community to demonstrate risk mitigation and avoidance mechanisms. |
Correct Answer: ABC
QUESTION 239
The IETF is a collaborative effort by the international community of Internet professionals to improve the design, use, and management of the Internet. Which international organization charters the activity of IETF?
A. |
IANA |
B. |
ISO |
C. |
ISOC |
D. |
RIR |
E. |
IEC |
Correct Answer: C
QUESTION 240
Which RFC outlines BCP 84?
A. |
RFC 3704 |
B. |
RFC 2827 |
C. |
RFC 3030 |
|
RFC 2267 |
E. |
RFC 1918 |
Correct Answer: A
Free VCE & PDF File for Cisco 350-018 Practice Tests
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …