Fravo Cisco 350-018 v3.0

You have purchased a Fravo Technologies. Study Guide. This study guide is a complete collection of questions and answers that have been developed by our professional & certified team. You must study the contents of this guide properly in order to prepare for the actual certification test. The average time that we would suggest you for studying this study guide is approximately 15 to 20 hours and you will surely pass your exam. We guarantee it!
Nội dung trích xuất từ tài liệu:
Fravo Cisco 350-018 v3.0 Fravo.com Certification Made Easy MCSE, CCNA, CCNP, OCP, CIW, JAVA, Sun Solaris, Checkpoint World No1 Cert Guides info@Fravo.com CCIE Pre-Qualification Test for Security Exam 350-018 Edition 3.0 © Copyrights 1998-2005 Fravo Technologies. All Rights Reserved. 350-018 Congratulations!! You have purchased a Fravo Technologies. Study Guide. This study guide is a complete collection of questions and answers that have been developed by our professional & certified team. You must study the contents of this guide properly in order to prepare for the actual certification test. The average time that we would suggest you for studying this study guide is approximately 15 to 20 hours and you will surely pass your exam. We guarantee it! GOOD LUCK! DISCLAIMER This study guide and/or material is not sponsored by, endorsed by or affiliated with Microsoft, Cisco, Oracle, Citrix, CIW, CheckPoint, Novell, Sun/Solaris, CWNA, LPI, ISC, etc. All trademarks are properties of their respective owners. Guarantee If you use this study guide correctly and still fail the exam, send a scanned copy of your official score notice at: info@fravo.com We will gladly refund the cost of this study guide or give you an exchange of study guide of your choice of the same or lesser value. This material is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under law. © Copyrights 1998-2005 Fravo Technologies. All Rights Reserved. http://www.fravo.com 1 http://www. fravo.com 350-018 Q1. The purpose of Lock & Key is: A. To secure the console port of the router so that even users with physical access to the router cannot gain access without entering the proper sequence. B. To allow a user to Telnet to the router and have temporary access lists applied after issuance of the access-enable command. C. To require additional authentication for traffic traveling through the PIX for TTAP compliance. D. To prevent users from getting into enable mode. Answer: B Q2. In addition to Kerberos port traffic, what additional service is used by the router and the Kerberos server in implementing Kerberos authentication on the router? A. TCP B. DNS C. FTP D. ICMP E. Telnet Answer: E Q3. When an IPSec authentication header (AH) is used in conjunction with NAT on the same IPSec endpoint, what is the expected result? A. NAT has no impact on the authentication header. B. IPSec communicates will fail because the AH creates a hash on the entire IP packet before NAT. C. AH is only used in IKE negotiation, so only IKE will fail. D. AH is no a factor when used in conjunction with NAT, unless Triple DES is included in the transform set. Answer: B Q4. Routing Information Protocol (RIP): A. Runs on TCP port 520. B. Runs directly on top of IP with the protocol ID 89. C. Runs on UDP port 520. D. Does not run on top of IP. Answer: C Q5. Exhibit: 2 http://www. fravo.com 350-018 Given the configuration shown, what is the expected behavior of IP traffic traveling from the attached clients to the two Ethernet subnets? (Multiple answer.) A. Traffic bound for the Internet will be translated by NAT and will not be encrypted. B. Traffic between the Ethernet subnets on both routers will be encrypted. C. Traffic bound for the Internet will not be routed because the source IP addresses are private. D. Traffic will not successfully access the Internet or the subnets of the remote router’s Ethernet interface. E. Traffic will be translated by NAT between the Ethernet subnets on both routers. Answer: B Q6. How is data between a router and a TACACS+ server encrypted? A. CHAP Challenge responses B. DES encryption, if defined C. MD5 has using secret matching keys D. PGP with public keys Answer: C Q7. A network administrator is troubleshooting a problem with FTP services. If a device blocks the data connection, the administrator should expect to see: A. Very slow connect times. 3 http://www. fravo.com 350-018 B. Incomplete execution, when issuing commands like “pwd” or “cd”. C. No problems at all. D. User login problems. E. Failure when listing a directory. Answer: E Q8. A Denial of Service (DoS) attack works on the following principle: A. MS-DOS and PC-DOS operating systems utilize a weak security protocol. B. All CLIENT systems have TCP/IP stack implementation weaknesses that can be compromised and permit them to launch an attack easily. C. Overloaded buffer systems can easily address error conditions and respond appropriately. D. Host systems cannot respond to real traffic, if they have an overwhelming number of incomplete connections (SYN/RCVD State). E. A server stops accepting connections from certain networks, once those networks become flooded. Answer: B Q9. TFTP security is controlled by: (Multiple answer.) A. A username/password. B. A default TFTP directory. C. A TFTP file. D. A pre-existing file on the server before it will accept a put. E. File privileges. Answer: B, D, E Q10. Which statements are true about RIP v1? (Multiple answer.) ...