[Free] Download New Updated (October 2016) Cisco 350-018 Real Exam 191-200

Ensurepass

QUESTION 191

Which three statements are true about TLS? (Choose three.)

 

A.

TLS protocol uses a MAC to protect the message integrity.

B.

TLS data encryption is provided by the use of asymmetric cryptography.

C.

The identity of a TLS peer can be authenticated using public key or asymmetric cryptography.

D.

TLS protocol is originally based on the SSL 3.0 protocol specification.

E.

TLS provides support for confidentiality, authentication, and nonrepudiation.

 

Correct Answer: ACD

 

QUESTION 192

Which three RADIUS protocol statements are true? (Choose three.)

 

A.

RADIUS protocol runs over TCP 1645 and 1646.

B.

Network Access Server operates as a server for RADIUS.

C.

RADIUS packet types for authentication include Access-Request, Access-Challenge, Access-Accept, and Access-Reject.

D.

RADIUS protocol runs over UDP 1812 and 1813.

E.

RADIUS packet types for authentication include Access-Request, Access-Challenge, Access- Permit, and Access-Denied.

F.

RADIUS supports PPP, PAP, and CHAP as authentication methods.

 

Correct Answer: CDF

 

 

QUESTION 193

Which three statements about OCSP are correct? (Choose three.)

 

A.

OCSP is defined in RFC2560.

B.

OCSP uses only http as a transport.

C.

OCSP responders can use RSA and DSA signatures to validate that responses are from trusted entities.

D.

A response indicator may be good, revoked, or unknown.

E.

OCSP is an updated version SCEP.

 

Correct Answer: ACD

 

 

QUESTION 194

Which three statements describe the security weaknesses of WEP? (Choose three.)

 

A.

Key strength is weak and non-standardized.

B.

The WEP ICV algorithm is not optimal for cryptographic integrity checking.

C.

There is no key distribution mechanism.

D.

Its key rotation mechanism is too predictable.

E.

For integrity, it uses MD5, which has known weaknesses.

 

Correct Answer: ABC

 

 

QUESTION 195

In HTTPS session establishment, what does the server hello message inform the client?

 

A.

that the server will accept only HTTPS traffic

B.

which versions of SSL/TLS the server will accept

C.

which ciphersuites the client may choose from

D.

which ciphersuite the server has chosen to use

E.

the PreMaster secret to use in generating keys

 

Correct Answer: D

 

 

 

QUESTION 196

DHCPv6 is used in which IPv6 address autoconfiguration method?

 

A.

stateful autoconfiguration

B.

stateless autoconfiguration

C.

EUI-64 address generation

D.

cryptographically generated addresses

 

Correct Answer: A

 

 

QUESTION 197

Refer to the exhibit. Which statement regarding the output is true?

 

clip_image002

 

A.

Every 1800 seconds the secondary name server will query the SOA record of the primary name server for updates.

B.

If the secondary name server has an SOA record with the serial number of 10973815, it will initiate a zone transfer on the next cycle.

C.

Other DNS servers will cache records from this domain for 864000 seconds (10 days) before requesting them again.

D.

Email queries concerning this domain should be sent to “admin@postmaster.cisco.com”.

E.

Both primary and secondary name servers will clear (refresh) their caches every 7200 seconds to ensure that up-to-date information is always in use.

 

Correct Answer: B

 

 

QUESTION 198

Which two options represent definitions that are found in the syslog protocol (RFC 5426)? (Choose two.)

 

A.

Syslog message transport is reliable.

B.

Each syslog datagram must contain only one message.

C.

IPv6 syslog receivers must be able to receive datagrams of up to 1180 bytes.

D.

Syslog messages must be prioritized with an IP precedence of 7.

E.

Syslog servers must use NTP for the accurate time stamping of message arrival.

 

Correct Answer: BC

 

 

QUESTION 199

According to RFC-5426, syslog senders must support sending syslog message datagrams to which port?

 

A.

TCP port 514

B.

UDP port 514

C.

TCP port 69

D.

UDP port 69

E.

TCP port 161

F.

UDP port 161

 

Correct Answer: B

 

 

QUESTION 200

Refer to the exhibit. What service is enabled on the router for a remote attacker to obtain this information?

 

clip_image004

 

A.

TCP small services

B.

finger

C.

maintenance operation protocol

D.

chargen

E.

Telnet

F.

CEF

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 350-018 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

Comments are closed.