Free Download Pass4sure Cisco 350-018 Exam Questions And Answers (41-50)

QUESTION 41
Which of the following best describes Chain of Evidence in the context of security forensics?

A.    Evidence is locked down, but not necessarily authenticated.
B.    Evidence is controlled and accounted for to maintain its authenticity and integrity.
C.    The general whereabouts of evidence is known.
D.    Someone knows where the evidence is and can say who had it if it is not logged.

Answer: B

QUESTION 42
Which option is a benefit of implementing RFC 2827?

A.    prevents DoS from legitimate, non-hostile end systems
B.    prevents disruption of special services such as Mobile IP
C.    defeats DoS attacks which employ IP source address spoofing
D.    restricts directed broadcasts at the ingress router
E.    allows DHCP or BOOTP packets to reach the relay agents as appropriate

Answer: C

QUESTION 43
Which of the following provides the features of route summarization, assignment of contiguous blocks of addresses, and combining routes for multiple classful networks into a single route?

A.    classless interdomain routing
B.    route summarization
C.    supernetting
D.    private IP addressing

Answer: A

QUESTION 44
Aggregate global IPv6 addresses begin with which bit pattern in the first 16-bit group?

A.    000/3
B.    001/3
C.    010/2
D.    011/2

Answer: B

QUESTION 45
Which layer of the OSI reference model typically deals with the physical addressing of interface cards?

A.    physical layer
B.    data-link layer
C.    network layer
D.    host layer

Answer: B

QUESTION 46
Which statement best describes a key difference in IPv6 fragmentation support compared to IPv4?

A.    In IPv6, IP fragmentation is no longer needed because all Internet links must have an IP MTU of 1280 bytes or greater.
B.    In IPv6, PMTUD is no longer performed by the source node of an IP packet.
C.    In IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD and send packets equal to or smaller than the minimum discovered path MTU.
D.    In IPv6, PMTUD is no longer performed by any node since the don’t fragment flag is removed from the IPv6 header.
E.    In IPv6, IP fragmentation is performed only by the source node of a large packet, and not by any other
devices in the data path.

Answer: E

QUESTION 47
Refer to the exhibit. It shows the format of an IPv6 Router Advertisement packet. If the Router Lifetime value is set to 0, what does that mean?
 
A.    The router that is sending the RA is not the default router.
B.    The router that is sending the RA is the default router.
C.    The router that is sending the RA will never power down.
D.    The router that is sending the RA is the NTP master.
E.    The router that is sending the RA is a certificate authority.
F.    The router that is sending the RA has its time synchronized to an NTP source.

Answer: A

QUESTION 48
If a host receives a TCP packet with an SEQ number of 1234, an ACK number of 5678, and a length of 1000 bytes, what will it send in reply?

A.    a TCP packet with SEQ number: 6678, and ACK number: 1234
B.    a TCP packet with SEQ number: 2234, and ACK number: 5678
C.    a TCP packet with SEQ number: 1234, and ACK number: 2234
D.    a TCP packet with SEQ number: 5678, and ACK number 2234

Answer: D

QUESTION 49
A network administrator uses a LAN analyzer to troubleshoot OSPF router exchange messages sent to all OSPF routers. To which one of these MAC addresses are these messages sent?

A.    00-00-1C-EF-00-00
B.    01-00-5E-00-00-05
C.    01-00-5E-EF-00-00
D.    EF-FF-FF-00-00-05
E.    EF-00-00-FF-FF-FF
F.    FF-FF-FF-FF-FF-FF

Answer: B

QUESTION 50
Comparing and contrasting IKEv1 and IKEv2, which three statements are true? (Choose three.)

A.    IKEv2 adds EAP as a method of authentication for clients; IKEv1 does not use EAP.
B.    IKEv1 and IKEv2 endpoints indicate support for NAT-T via the vendor_ID payload.
C.    IKEv2 and IKEv1 always ensure protection of the identities of the peers during the negotiation process.
D.    IKEv2 provides user authentication via the IKE_AUTH exchange; IKEv1 uses the XAUTH exchange.
E.    IKEv1 and IKEv2 both use INITIAL_CONTACT to synchronize SAs.
F.    IKEv1 supports config mode via the SET/ACK and REQUEST/RESPONSE methods; IKEv2 supports only REQUEST/RESPONSE.

Answer: ADE

Free Download Pass4sure Cisco 350-018 Exam Questions And Answers