This page was exported from Easily Pass By Training Lead2pass Latest Dumps [ https://www.freebraindump.com ]
Export date: Fri Mar 29 8:17:20 2024 / +0000 GMT

Passed Cisco 350-018 Exam with Pass4sure and Lead2pass PDF & VCE (61-70)



QUESTION 61

Which statement is true regarding Cisco ASA operations using software versions 8.3 and later?

A.    The global access list is matched first before the interface access lists.

B.    Both the interface and global access lists can be applied in the input or output direction.

C.    When creating an access list entry using the Cisco ASDM Add Access Rule window, choosing

"global" as the interface will apply the access list entry globally.

D.    NAT control is enabled by default.

E.    The static CLI command is used to configure static NAT translation rules.

Answer: A

QUESTION 62

Which three multicast features are supported on the Cisco ASA? (Choose three.)

A.    PIM sparse mode?

B.    IGMP forwarding?

C.    Auto-RP

D.    NAT of multicast traffic?

Answer: ABD

QUESTION 63

Which three configuration tasks are required for VPN clustering of AnyConnect clients that are connecting to an FQDN on the Cisco ASA?? (Choose three.)

A.    The redirect-fqdn command must be entered under the vpn load-balancing sub-configuration.

B.    Each ASA in the VPN cluster must be able to resolve the IP of all DNS hostnames that are used

in the cluster?.

C.    The identification and CA certificates for the master FQDN hostname must be imported into each

VPN cluster-member device?.

D.    The remote-access IP pools must be configured the same on each VPN cluster-member interface.

Answer: ABC

QUESTION 64

Which three statements are true about objects and object groups on a Cisco ASA appliance that is running Software Version 8.4 or later? (Choose three.)

A.    TCP, UDP, ICMP, and ICMPv6 are supported service object protocol types.

B.    IPv6 object nesting is supported.

C.    Network objects support IPv4 and IPv6 addresses.

D.    Objects are not supported in transparent mode.

E.    Objects are supported in single- and multiple-context firewall modes.

Answer: ACE

QUESTION 65

Which command is used to replicate HTTP connections from the Active to the Standby Cisco ASA appliance in failover?

A.    monitor-interface http

B.    failover link fover replicate http

C.    failover replication http

D.    interface fover replicate http standby

E.    No command is needed, as this is the default behavior.

Answer: C

QUESTION 66

Which C3PL configuration component is used to tune the inspection timers such as setting the tcp idle-time and tcp synwait-time on the Cisco ZBFW?

A.    class-map type inspect

B.    parameter-map type inspect

C.    service-policy type inspect

D.    policy-map type inspect tcp

E.    inspect-map type tcp

Answer: B

QUESTION 67

Which three NAT types support bidirectional traffic initiation? (Choose three.)

A.    static NAT

B.    NAT exemption

C.    policy NAT with nat/global

D.    static PAT

E.    identity NAT

Answer: ABD

QUESTION 68

Which IPS module can be installed on the Cisco ASA 5520 appliance?

A.    IPS-AIM

B.    AIP-SSM

C.    AIP-SSC

D.    NME-IPS-K9

E.    IDSM-2

Answer: B

QUESTION 69

Which two options best describe the authorization process as it relates to network access? (Choose two.)

A.    the process of identifying the validity of a certificate, and validating specific fields in the certificate

against an identity store

B.    the process of providing network access to the end user

C.    applying enforcement controls, such as downloadable ACLs and VLAN assignment, to the network

access session of a user

D.    the process of validating the provided credentials

Answer: BC

QUESTION 70

If ISE is not Layer 2 adjacent to the Wireless LAN Controller, which two options should be configured on the Wireless LAN Controller to profile wireless endpoints accurately? (Choose two.)

A.    Configure the Call Station ID Type to be: "IP Address".

B.    Configure the Call Station ID Type to be: "System MAC Address".

C.    Configure the Call Station ID Type to be: "MAC and IP Address".

D.    Enable DHCP Proxy.

E.    Disable DHCP Proxy.

Answer: BE

If you want to pass Cisco 350-018 successfully, donot missing to read latest lead2pass Cisco 350-018 practice exams.

If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/350-018.html

 

 


Post date: 2014-04-15 04:11:17
Post date GMT: 2014-04-15 04:11:17
Post modified date: 2014-05-27 08:27:45
Post modified date GMT: 2014-05-27 08:27:45

Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com