2014 Latest Cisco 350-018 Dump Free Download(51-60)!

QUESTION 51
An exploit that involves connecting to a specific TCP port and gaining access to an administrative command prompt is an example of which type of attack?

A.    botnet
B.    Trojan horse
C.    privilege escalation
D.    DoS

Answer: C

QUESTION 52
When configuring an Infrastructure ACL (iACL) to protect the IPv6 infrastructure of an enterprise network, where should the iACL be applied??

A.    all infrastructure devices in both the inbound and outbound direction
B.    all infrastructure devices in the inbound direction
C.    all infrastructure devices in the outbound direction
D.    all parameter devices in both the inbound and outbound direction
E.    all parameter devices in the inbound direction
F.    all parameter devices in the outbound direction

Answer: E

QUESTION 53
What feature on the Cisco ASA is used to check for the presence of an up-to-date antivirus vendor on an AnyConnect client?

A.    Dynamic Access Policies with no additional options
B.    Dynamic Access Policies with Host Scan enabled
C.    advanced endpoint assessment
D.    LDAP attribute maps obtained from Antivirus vendor

Answer: B

QUESTION 54
What type of attack consists of injecting traffic that is marked with the DSCP value of EF into the network?

A.    brute-force attack
B.    QoS marking attack
C.    DHCP starvation attack
D.    SYN flood attack

Answer: B

QUESTION 55
Which statement is true regarding Cisco ASA operations using software versions 8.3 and later?

A.    The global access list is matched first before the interface access lists.
B.    Both the interface and global access lists can be applied in the input or output direction.
C.    When creating an access list entry using the Cisco ASDM Add Access Rule window, choosing
“global” as the interface will apply the access list entry globally.
D.    NAT control is enabled by default.
E.    The static CLI command is used to configure static NAT translation rules.

Answer: A

QUESTION 56
Which three multicast features are supported on the Cisco ASA? (Choose three.)

A.    PIM sparse mode?
B.    IGMP forwarding?
C.    Auto-RP
D.    NAT of multicast traffic?

Answer: ABD

QUESTION 57
Which three configuration tasks are required for VPN clustering of AnyConnect clients that are connecting to an FQDN on the Cisco ASA?? (Choose three.)

A.    The redirect-fqdn command must be entered under the vpn load-balancing sub-configuration.
B.    Each ASA in the VPN cluster must be able to resolve the IP of all DNS hostnames that are used
in the cluster?.
C.    The identification and CA certificates for the master FQDN hostname must be imported into each
VPN cluster-member device?.
D.    The remote-access IP pools must be configured the same on each VPN cluster-member interface.

Answer: ABC

QUESTION 58
Which three statements are true about objects and object groups on a Cisco ASA appliance that is running Software Version 8.4 or later? (Choose three.)

A.    TCP, UDP, ICMP, and ICMPv6 are supported service object protocol types.
B.    IPv6 object nesting is supported.
C.    Network objects support IPv4 and IPv6 addresses.
D.    Objects are not supported in transparent mode.
E.    Objects are supported in single- and multiple-context firewall modes.

Answer: ACE

QUESTION 59
Which command is used to replicate HTTP connections from the Active to the Standby Cisco ASA appliance in failover?

A.    monitor-interface http
B.    failover link fover replicate http
C.    failover replication http
D.    interface fover replicate http standby
E.    No command is needed, as this is the default behavior.

Answer: C

QUESTION 60
Which C3PL configuration component is used to tune the inspection timers such as setting the tcp idle-time and tcp synwait-time on the Cisco ZBFW?

A.    class-map type inspect
B.    parameter-map type inspect
C.    service-policy type inspect
D.    policy-map type inspect tcp
E.    inspect-map type tcp

Answer: B

If you want to pass the Cisco 350-018 Exam sucessfully, recommend to read latest Cisco 350-018 Dump full version.

clip_image001