认证名称:CCIE Pre-Qualification Test for Security
考题数目:202
价格:¥ 300
更新:2008-09-01
CCIE350-018 考试题库由我们的资深IT认证讲师及产品专家精心打造,包括了当前最新的全套全真350-018考试试题,全部附有正确答案。所有购买 killtest 认证考题的客户都将得到60天的免费升级服务,保证了对CCIE Pre-Qualification Test for Security考试题库的完整覆盖。 killtest 助你一次通过 CCIE Pre-Qualification Test for Security 认证考试,一次不过全额退款!
1. How do TCP SYN attacks take advantage of TCP to prevent new connections from being established to a host under attack?
A. These attacks send multiple FIN segments forcing TCP connection release.
B. These attacks fill up a hosts' listen queue by failing to ACK partially opened TCP connections.
C. These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D. These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E. These attacks send TCP RST segments in response to connection SYN+ACK segments forcing SYN retransmissions.
Answer: B
2. What are two key characteristics of VTP? (Choose 2)
A. VTP messages are sent out all switch-switch connections.
B. VTP L2 messages are communicated to neighbors using CDP.
C. VTP manages addition, deletion, and renaming of VLANs 1 to 4094.
D. VTP pruning restricts flooded traffic, increasing available bandwidth.
E. VTP V2 can only be used in a domain consisting of V2 capable switches.
F. VTP V2 performs consistency checks on all sources of VLAN information.
Answer: DE
3. Refer to the Exhibit. Switch SW2 has just been added to FastEthernet 0/23 on SW1. After a few seconds, interface Fa0/23 on SW1 is placed in the error-disabled state. SW2 is removed from port 0/23 and inserted into SW1 port Fa0/22 with the same result. What is the most likely cause of this problem?
A. The spanning-tree portfast feature has been configured on SW1.
B. BPDU filtering has been enabled either globally or on the interfaces of SW1.
C. The BPDU guard feature has been enabled on the FastEthernet interfaces of SW1.
D. The FastEthernet interfaces of SW1 are unable to auto-negotiate speed and duplex with SW2.
E. PAgP is unable to correctly negotiate VLAN trunk characteristics on the link between SW1 and SW2.
Answer: C
4. What are two important guidelines to follow when implementing VTP? (Choose 2)
A. CDP must be enabled on all switches in the VTP management domain.
B. All switches in the VTP domain must run the same version of VTP.
C. When using secure mode VTP, only configure management domain passwords on VTP servers.
D. Enabling VTP pruning on a server will enable the feature for the entire management domain. E. Use of the VTP multi-domain feature should be restricted to migration and temporary implementation.
Answer: BD
5. Refer to the Exhibit. The Cisco IOS-based switches are configured with VTP and VLANs as shown. The network administrator wants to quickly add the VLANs defined on SW1 to SW2's configuration and so he copies the vlan.dat file from the flash on SW1 to the flash of SW2. After the file is copied to SW2, it is rebooted. What is the VLAN status of SW2 after the reboot?
A. The VLAN information on SW2 will remain the same since it has been configured for transparent VTP mode.
B. SW2 will clear the vlan.dat file and load its VLAN information from the configuration file stored in NVRAM.
C. A VTP mode mismatch will occur causing the VLANS in the startup config to be ignored and all VLANs above 1005 to be erased.
D. The VLANs in the vlan.dat file will be copied to the running config and merged with the extended VLANs defined in the startup config.
E. All VLANs will be erased and all ports will be moved into the default VLAN 1.
Answer: C
Powered By