Real Cisco 350-018 Practice Tests For Free Share From PassLeader (121-130)

Which of the following describes the DHCP “starvation” attack?

A.    Exhaust the address space available on the DHCP servers so that an attacker can inject their own DHCP server for malicious reasons.
B.    Saturate the network with DHCP requests to prevent other network services from working.
C.    Inject a DHCP server on the network for the purpose of overflowing DNS servers with bogus learned host names.
D.    Send DHCP response packets for the purpose of overloading CAM tables.

Answer: A

Which Cisco technology protects against Spanning Tree Protocol manipulation?

A.    spanning-tree protection
B.    root guard and BPDU guard
C.    Unicast Reverse Path Forwarding
D.    MAC spoof guard
E.    port security

Answer: B

Which three configuration components are required to implement QoS policies on Cisco routers using MQC? (Choose three.)

A.    class-map
B.    global-policy
C.    policy-map
D.    service-policy
E.    inspect-map

Answer: ACD

Which type of PVLAN ports can communicate among themselves and with the promiscuous port?

A.    isolated
B.    community
C.    primary
D.    secondary
E.    protected

Answer: B

Which statement is true about the Cisco NEAT 802.1X feature?

A.    The multidomain authentication feature is not supported on the authenticator switch interface.
B.    It allows a Cisco Catalyst switch to act as a supplicant to another Cisco Catalyst authenticator switch.
C.    The supplicant switch uses CDP to send MAC address information of the connected host to the authenticator switch.
D.    It supports redundant links between the supplicant switch and the authenticator switch.

Answer: B


Which additional configuration component is required to implement a MACSec Key Agreement policy on user-facing Cisco Catalyst switch ports?

A.    PKI
C.    multi-auth host mode
D.    port security
E.    802.1x

Answer: E

Which option correctly describes the security enhancement added for OSPFv3?

A.    The AuType field in OSPFv3 now supports the more secure SHA-1 and SHA-2 algorithms in addition to MD5.
B.    The AuType field is removed from the OSPFv3 header since simple password authentication is no longer an option.
C.    The Authentication field in OSPFv3 is increased from 64 bits to 128 bits to accommodate more secure authentication algorithms.
D.    Both the AuType and Authentication fields are removed from the OSPF header in OSPFv3, since now it relies on the IPv6 Authentication Header (AH) and IPv6 Encapsulating Security Payload (ESP) to provide integrity, authentication, and/or confidentiality.?
E.    The Authentication field is removed from the OSPF header in OSPFv3, because OSPFv3 must only run inside of an authenticated IPSec tunnel.

Answer: D

Which IPv6 tunnel type is a standard that is defined in RFC 4214?

B.    6to4
C.    GREv6
D.    manually configured

Answer: A

What IP protocol number is used in the protocol field of an IPv4 header, when IPv4 is used to tunnel IPv6 packets?

A.    6
B.    27
C.    41
D.    47
E.    51

Answer: C

Which three statements are true about PIM-SM operations? (Choose three.)

A.    PIM-SM supports RP configuration using static RP, Auto-RP, or BSR.
B.    PIM-SM uses a shared tree that is rooted at the multicast source.
C.    Different RPs can be configured for different multicast groups to increase RP scalability.
D.    Candidate RPs and RP mapping agents are configured to enable Auto-RP.
E.    PIM-SM uses the implicit join model.

Answer: ACD

Real Cisco 350-018 Practice Tests For Free Share From PassLeader