QUESTION 41
Which Cisco ASA feature can be used to update non-compliant antivirus/antispyware definition files on an AnyConnect client?
|
A. |
dynamic access policies |
|
B. |
dynamic access policies with Host Scan and advanced endpoint assessment |
|
C. |
Cisco Secure Desktop |
|
D. |
advanced endpoint assessment |
Correct Answer: B
QUESTION 42
Refer to the exhibit. When configuring a Cisco IPS custom signature, what type of signature engine must you use to block podcast clients from accessing the network?
|
A. |
service HTTP |
|
B. |
service TCP |
|
C. |
string TCP |
|
D. |
fixed TCP |
|
E. |
service GENERIC |
Correct Answer: A
QUESTION 43
An attacker configures an access point to broadcast the same SSID that is used at a public hot-spot, and launches a deauthentication attack against the clients that are connected to the hot-spot, with the hope that the clients will then associate to the AP of the attacker. In addition to the deauthentication attack, what attack has been launched?
|
A. |
man-in-the-middle |
|
B. |
MAC spoofing |
|
C. |
Layer 1 DoS |
|
D. |
disassociation attack |
Correct Answer: A
QUESTION 44
Which statement best describes the concepts of rootkits and privilege escalation?
|
A. |
Rootkits propagate themselves. |
|
B. |
Privilege escalation is the result of a rootkit. |
|
C. |
Rootkits are a result of a privilege escalation. |
|
D. |
Both of these require a TCP port to gain access. |
Correct Answer: B
QUESTION 45
Refer to the exhibit. Which message of the ISAKMP exchange is failing?
|
A. |
main mode 1 |
|
B. |
main mode 3 |
|
C. |
aggressive mode 1 |
|
D. |
main mode 5 |
|
E. |
aggressive mode 2 |
Correct Answer: B
QUESTION 46
Which multicast capability is not supported by the Cisco ASA appliance?
|
A. |
ASA configured as a rendezvous point |
|
B. |
Sending multicast traffic across a VPN tunnel |
|
C. |
NAT of multicast traffic |
|
D. |
IGMP forwarding (stub) mode |
Correct Answer: B
QUESTION 47
Which method of output queuing is supported on the Cisco ASA appliance?
|
A. |
CBWFQ |
|
B. |
priority queuing |
|
C. |
MDRR |
|
D. |
WFQ |
|
E. |
custom queuing |
Correct Answer: B
QUESTION 48
Refer to the exhibit. What type of attack is being mitigated on the Cisco ASA appliance?
|
A. |
HTTPS certificate man-in-the-middle attack |
|
B. |
HTTP distributed denial of service attack |
|
C. |
HTTP Shockwave Flash exploit |
|
D. |
HTTP SQL injection attack |
Correct Answer: D
QUESTION 49
Which four values can be used by the Cisco IPS appliance in the risk rating calculation? (Choose four.)
|
A. |
attack severity rating |
|
B. |
target value rating |
|
C. |
signature fidelity rating |
|
D. |
promiscuous delta |
|
E. |
threat rating |
|
F. |
alert rating |
Correct Answer: ABCD
QUESTION 50
Which three authentication methods does the Cisco IBNS Flexible Authentication feature support? (Choose three.)
|
A. |
cut-through proxy |
|
B. |
dot1x |
|
C. |
MAB |
|
D. |
SSO |
|
E. |
web authentication |
Correct Answer: BCE
Free VCE & PDF File for Cisco 350-018 Practice Tests
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …