[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 441-450

By | October 5, 2016

Ensurepass

QUESTION 441

Which three statements about Dynamic ARP Inspection on Cisco Switches are true? (Choose three.)

 

A.

Dynamic ARP inspection checks ARP packets on both trusted and untrusted ports.

B.

Dynamic ARP inspection is only supported on access ports.

C.

Dynamic ARP inspection checks ARP packets against the trusted database.

D.

The trusted database can be manually configured using the CLI.

E.

Dynamic ARP inspection does not perform ingress security checking.

F.

DHCP snooping is used to dynamically build the trusted database.

 

Correct Answer: CDF

 

 

QUESTION 442

Which two statements about the storm control implementation on the switch are true? (Choose two.)

 

A.

Traffic storm level is the percentage of total available bandwidth of the port.

B.

Traffic storm level is the rate at which layer 3 traffic is received on the port.

C.

Traffic storm control monitors only the broadcast traffic.

D.

Traffic storm control monitors the broadcast, multicast, and unicast traffic.

E.

Traffic storm level is the rate at which layer 2 traffic is received on the port.

F.

A Lower storm control level means more traffic is allowed to pass through.

 

Correct Answer: AD

 

 

QUESTION 443

Refer to the exhibit. Which option describes the behavior of the ACL if it is applied inbound on E0/0?

 

clip_image002

 

A.

The ACL will drop both initial and noninitial fragments for port 80 only.

B.

The ACL will pass both initial and noninitial fragments for port 80 only.

C.

The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port.

D.

The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.

 

Correct Answer: C

 

 

 

 

QUESTION 444

Refer to the exhibit. Why does the Easy VPN session fail to establish between the client and server?

 

clip_image004

 

A.

Incomplete ISAKMP profile configuration on the server

B.

Incorrect IPsec phase-2 configuration on the server

C.

Incorrect group configuration on the client

D.

ISAKMP key mismatch

E.

Incorrect virtual-template configuration on the sever

 

Correct Answer: A

 

 

QUESTION 445

Which three types of traffic are generally policed via CoPP policies? (Choose three.)

 

A.

Transit traffic

B.

Routing protocol traffic

C.

IPsec traffic

D.

Traffic that is destined to any of the device’s interfaces.

E.

Traffic from a management protocol such as Telnet or SNMP

 

Correct Answer: BDE

 

 

QUESTION 446

Refer to the exhibit. Why is there no encrypted session between host 10.10.10.1 and 20.20.20.1?

 

clip_image005

 

A.

Incorrect or missing group configuration on the client.

B.

Incorrect or missing phase 2 configuration on the server.

C.

Incorrect or missing Virtual-Template configuration on the server.

D.

Incorrect or missing phase 1 configuration on server.

E.

Incorrect or missing Virtual-Template configuration on the client.

F.

Incorrect or missing group configuration on the server.

 

Correct Answer: E

 

 

QUESTION 447

Which statement about the PVLAN is true?

 

A.

Promiscuous ports can only communicate with other promiscuous ports.

B.

Isolated ports cannot communicate with the other promiscuous ports.

C.

Community ports can communicate with the other promiscuous ports but not with the other community ports.

D.

Isolated ports can communicate with the other isolated ports only.

E.

Promiscuous ports can communicate with all the other type of ports.

F.

Community ports can communicate with the other community ports but not with promiscuous ports.

 

Correct Answer: E

 

 

QUESTION 448

Refer to the exhibit. Which option describes the behavior of the ACL if it is applied inbound on E0/0?

 

clip_image007

 

A.

The ACL will drop both initial and noninitial fragments for port 80 only.

B.

The ACL will pass both initial fragments for port 80 and non-initial fragments.

C.

The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port.

D.

The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.

 

Correct Answer: B

 

 

QUESTION 449

Which three IP resources is IANA responsible for? (Choose three.)

 

A.

IP address allocation

B.

detection of spoofed address

C.

criminal prosecution of hackers

D.

autonomous system number allocation

E.

root zone management in DNS

F.

BGP protocol vulnerabilities

 

Correct Answer: ADE

 

 

QUESTION 450

Which is a core function of the risk assessment process?

 

A.

performing regular network upgrades

B.

performing network optimization

C.

performing network posture validation

D.

establishing network baselines

E.

prioritizing network roll-outs

 

Correct Answer: C

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …