20% OFF Passleader 350-018 Study Materials Ensure 100% PASS (201-210)

QUESTION 201
Which two options represent definitions that are found in the syslog protocol (RFC 5426)? (Choose two.)

A.    Syslog message transport is reliable.
B.    Each syslog datagram must contain only one message.
C.    IPv6 syslog receivers must be able to receive datagrams of up to 1180 bytes.
D.    Syslog messages must be prioritized with an IP precedence of 7.
E.    Syslog servers must use NTP for the accurate time stamping of message arrival.

Answer: BC

QUESTION 202
According to RFC-5426, syslog senders must support sending syslog message datagrams to which port?

A.    TCP port 514
B.    UDP port 514
C.    TCP port 69
D.    UDP port 69
E.    TCP port 161
F.    UDP port 161

Answer: B

QUESTION 203
Refer to the exhibit. What service is enabled on the router for a remote attacker to obtain this information?

2031

A.    TCP small services
B.    finger
C.    maintenance operation protocol
D.    chargen
E.    Telnet
F.    CEF

Answer: B

QUESTION 204
In an 802.11 wireless network, what would an attacker have to spoof to initiate a deauthentication attack against connected clients?

A.    the BSSID of the AP where the clients are currently connected
B.    the SSID of the wireless network
C.    the MAC address of the target client machine
D.    the broadcast address of the wireless network

Answer: A

QUESTION 205
What is the commonly known name for the process of generating and gathering initialization vectors, either passively or actively, for the purpose of determining the security key of a wireless network?

A.    WEP cracking
B.    session hijacking
C.    man-in-the-middle attacks
D.    disassociation flood frames

Answer: A

QUESTION 206
According to RFC 4890, which four ICMPv6 types are recommended to be allowed to transit a firewall? (Choose four.)

A.    Type 1 – destination unreachable
B.    Type 2 – packet too big
C.    Type 3 – time exceeded
D.    Type 0 – echo reply
E.    Type 8 – echo request
F.    Type 4 – parameter problem

Answer: ABCF

QUESTION 207
Which action is performed first on the Cisco ASA appliance when it receives an incoming packet on its outside interface?

A.    check if the packet is permitted or denied by the inbound ACL applied to the outside interface
B.    check if the packet is permitted or denied by the global ACL
C.    check if the packet matches an existing connection in the connection table
D.    check if the packet matches an inspection policy
E.    check if the packet matches a NAT rule
F.    check if the packet needs to be passed to the Cisco ASA AIP-SSM for inspections

Answer: C

QUESTION 208
Refer to the exhibit. Which three statements about the Cisco ASDM screen seen in the exhibit are true? (Choose three.)

2081

A.    This access rule is applied to all the ASA interfaces in the inbound direction.
B.    The ASA administrator needs to expand the More Options tag to configure the inbound or outbound
direction of the access rule.
C.    The ASA administrator needs to expand the More Options tag to apply the access rule to an interface.
D.    The resulting ASA CLI command from this ASDM configuration is access-list global_access line 1
extended permit ip host 1.1.1.1 host 2.2.2.1.
E.    This access rule is valid only on the ASA appliance that is running software release 8.3 or later.
F.    This is an outbound access rule.

Answer: ADE

QUESTION 209
If an incoming packet from the outside interface does not match an existing connection in the connection table, which action will the Cisco ASA appliance perform next?

A.    drop the packet
B.    check the outside interface inbound ACL to determine if the packet is permitted or denied
C.    perform NAT operations on the packet if required
D.    check the MPF policy to determine if the packet should be passed to the SSM
E.    perform stateful packet inspection based on the MPF policy

Answer: B

QUESTION 210
Refer to the exhibit. Choose the correct description of the implementation that produced this output on the Cisco ASA appliance.

2101

A.    stateful failover using active-active for multi-context
B.    stateful failover using active-standby for multi-context
C.    stateful failover using active-standby for single-context
D.    stateless failover using interface-level failover for multi-context

Answer: A

20% OFF Passleader 350-018 Study Materials Ensure 100% PASS