QUESTION 271
What is the advantage of using the ESP protocol over the AH?
A. |
data confidentiality |
B. |
data integrity verification |
C. |
nonrepudiation |
D. |
anti-replay protection |
Correct Answer: A
QUESTION 272
What applications take advantage of a DTLS protocol?
A. |
delay-sensitive applications, such as voice or video |
B. |
applications that require double encryption |
C. |
point-to-multipoint topology applications |
D. |
applications that are unable to use TLS |
Correct Answer: A
QUESTION 273
What mechanism does SSL use to provide confidentiality of user data?
A. |
symmetric encryption |
B. |
asymmetric encryption |
C. |
RSA public-key encryption |
D. |
Diffie-Hellman exchange |
Correct Answer: A
QUESTION 274
What action does a RADIUS server take when it cannot authenticate the credentials of a user?
A. |
An Access-Reject message is sent. |
B. |
An Access-Challenge message is sent, and the user is prompted to re-enter credentials. |
C. |
A Reject message is sent. |
D. |
A RADIUS start-stop message is sent via the accounting service to disconnect the session. |
Correct Answer: A
QUESTION 275
Which transport mechanism is used between a RADIUS authenticator and a RADIUS authentication server?
A. |
UDP, with only the password in the Access-Request packet encrypted. |
B. |
UDP, with the whole packet body encrypted. |
C. |
TCP, with only the password in the Access-Request packet encrypted. |
D. |
EAPOL, with TLS encrypting the entire packet. |
E. |
UDP RADIUS encapsulated in the EAP mode enforced by the authentication server. |
Correct Answer: A
QUESTION 276
Which three statements about the TACACS protocol are correct? (Choose three.)
A. |
TACACS+ is an IETF standard protocol. |
B. |
TACACS+ uses TCP port 47 by default. |
C. |
TACACS+ is considered to be more secure than the RADIUS protocol. |
D. |
TACACS+ can support authorization and accounting while having another separate authentication solution. |
E. |
TACACS+ only encrypts the password of the user for security. |
F. |
TACACS+ supports per-user or per-group for authorization of router commands. |
Correct Answer: CDF
QUESTION 277
Which three EAP methods require a server-side certificate? (Choose three.)
A. |
PEAP with MS-CHAPv2 |
B. |
EAP-TLS |
C. |
EAP-FAST |
D. |
EAP-TTLS |
E. |
EAP-GTP |
Correct Answer: ABD
QUESTION 278
A. |
It supports Windows single sign-on. |
B. |
It is a proprietary protocol. |
C. |
It requires a certificate only on the server side. |
D. |
It does not support an LDAP database. |
Correct Answer: A
QUESTION 279
Which four attributes are identified in an X.509v3 basic certificate field? (Choose four.)
A. |
key usage |
B. |
certificate serial number |
C. |
issuer |
D. |
subject name |
E. |
signature algorithm identifier |
F. |
CRL distribution points |
G. |
subject alt name |
Correct Answer: BCDE
QUESTION 280
What is the purpose of the OCSP protocol?
A. |
checks the revocation status of a digital certificate |
B. |
submits a certificate signing request |
C. |
verifies a signature of a digital certificate |
D. |
protects a digital certificate with its private key |
Correct Answer: A
Free VCE & PDF File for Cisco 350-018 Practice Tests
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …