Cisco 350-001 Questions And Answers, Prepare for the Cisco 350-001 Vce Dumps On Our Store

Most accurate The Cisco 350-001 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 350-001.We provide our customers with the excellent 7×24 hours customer service.We have the most professional Oracle 1Z0-851 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 350-001 free pdf practice test for you to free download.Cisco 350-001 is also an authenticated IT certifications site that offer all the new questions and answers timely.Visit the site Flydumps.com to get free Cisco 350-001 VCE test engine and PDF.

QUESTION 44
A request arrived on your MPLS-vpn-bgp group. Due to a security breach, your customer is experiencing DoS attacks coming from specific subnets (200.0.10.0/24, 200.0.12.0/24). You have checked all MPLS-EBGP routes being advertised to BHK from other VPN sites and found four subnets listed:
200.0.10.0/24, 200.0.11.0/24, 200.0.12.0/24, 200.0.13.0/24. You immediately apply an outbound ACL filter using the appropriate MPLS-EBGP tool: access-list 1 deny 0.0.0.0 255.254.255 access-list 1 permit any What happens when you apply this ACL on the MPLS-EBGP connection to BHK?
A. It blocks all routes.
B. It blocks the routes 200.0.12.0/24, 200.0.10.0/24 only.
C. It blocks the routes 200.0.12.0/24, 200.0.13.0/24 only.
D. It blocks the routes 200.0.10.0/24, 200.0.13.0/24 only.
E. Nothing happens, no routes are blocked.
Correct Answer: B
QUESTION 45
Refer to the exhibit. R2 and R3 are routers connected using Ethernet services from a service provider and can receive pings from each other. OSPF is configured as the routing protocol but adjacency is not happening. According to the output of the show commands in the exhibit, what could be the most likely cause of the problem?

A. Ethernet interfaces were configured as point-to-point.
B. Process IDs are not matching.
C. Configured bandwidths do not match on both interfaces.
D. Broadcasts and multicast are not being propagated over the Ethernet services.
E. OSPF cost does not match on both interfaces.
Correct Answer: D
QUESTION 46
Which mechanism can you use to achieve sub-second failover for link failure detection when a switched Ethernet media is used and loss of signal is not supported by the link provider?
A. OSPF standard hellos
B. Cisco Discovery Protocol link detection
C. Bidirectional Forwarding Detection
D. Fast Link Pulse
E. autonegotiation
Correct Answer: C
QUESTION 47
While troubleshooting a network, you need to verify the liveness of hosts in the subnet 192.168.1.64/26. All of the hosts are able to reply to ping requests. How would you confirm the existing nodes using one single command?
A. ping 192.168.1.255
B. ping with sweep option
C. ping 192.168.1.127
D. ping 192.168.1.64
E. ping with broadcast option
Correct Answer: C
QUESTION 48
Refer to the exhibit. There are two sites connected across WAN links. All intersite and intrasite links always have the same routing metric. The network administrator sees only the top routers and links being used by hosts at both LAN A and LAN B. What would be two suggestions to load-balance the traffic across both WAN links? (Choose two.)

A. Make HSRP track interfaces between the edge and core routers.
B. Replace HSRP with GLBP.
C. Add crossed intrasite links: R1-R4, R2-R3, R5-R8, and R6-R7.
D. Make R3 and R8 have lower HSRP priority than R1 and R7.
E. Replace HSRP with VRRP.
Correct Answer: BC
QUESTION 49
Refer to the exhibit. According to the output of the command show tag-switching forwarding-table, which four of these statements are true? (Choose four.)

A. Packets to the IP address 10.10.10.5/32 will be tagged with “17” toward the next hop.
B. Label “19” will be advertised to MPLS neighbors so that they can use this label to reach the IP address 10.10.10.6/32.
C. IP address 10.10.10.4/32 is directly connected to the neighbor router on serial 3/0.
D. Packets arriving with label “17” will be forwarded without any label toward serial 4/0.
E. Packets arriving with label “20” will be forwarded with label “21” after label-swapping.
F. Label “20” is advertised to MPLS neighbors so that they can use this information to reach the prefix 10.10.10.8/32.
Correct Answer: CDEF
QUESTION 50
When troubleshooting a network, the output of the command show interfaces indicates a large number of runts. What is a runt?
A. the number of packets that are discarded because they exceed the maximum packet size of the medium
B. errors created when the CRC generated by the originating LAN station or far-end device does not match the checksum calculated from the data received.
C. the number of packets that are discarded because they are smaller than the minimum packet size of the medium
D. the number of received packets that were ignored by the interface because the interface hardware ran low on internal buffers
E. the number of times that the interface requested another interface within the router to slow down
Correct Answer: C Exam C QUESTION 1
Which two of these elements need to be configured prior to enabling SSH? (Choose two.)
A. hostname
B. loopback address
C. default gateway
D. domain name
E. SSH peer address

Correct Answer: AD QUESTION 2
Refer to the exhibit. Based on this configuration, what type of marker is achieved?

A. Single-rate, two-color marker
B. Three-rate, two-color marker
C. Two-rate, three-color marker
D. Single-rate, three-color marker

Correct Answer: C
QUESTION 3
Refer to the exhibit. A network engineer received a sudden request to prioritize voice over his Cisco network and he has decided to leverage the AutoQoS feature. Based on the output shown, which two tasks need to be performed prior to issuing the autoqos voip command in this router? (Choose two.)

A. Enable Cisco Express Forwarding.
B. Enable fast switching.
C. Delete all policy maps.
D. Remove service-policy commands from interface serial1/0.
E. Delete all the currently configured class maps.
Correct Answer: AD
QUESTION 4
What is an important consideration that should be taken into account when configuring shaped round robin?
A. It enables policing.
B. Strict priority is not supported.
C. WRED must be previously enabled.
D. It enables WRR.
Correct Answer: B
QUESTION 5
Refer to the exhibit. Based on the configuration shown, which queuing mechanism has been configured on interface serial 1/0?

A. PQ
B. CQ
C. WFQ
D. LLQ
E. CBWFQ
Correct Answer: E
QUESTION 6
Which of the following is the encryption algorithm used for priv option when using SNMPv3?
A. HMAC-SHA
B. HMAC-MD5
C. CBC-DES
D. AES E. 3DES
Correct Answer: C

QUESTION 7
Which RMON group stores statistics for conversations between sets of two addresses?
A. hostTopN
B. matrix
C. statistics
D. history E. packet capture
F. host
Correct Answer: B
QUESTION 8
Which of the following describes the appropriate port assignment and message exchange in a standard TFTP transaction?
A. Server: 10.0.0.1:69 RRQ/WRQ Sent Client: 10.0.0.2:1888 RRQ/WRQ Received
B. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Received
C. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent
D. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:1888 RRQ/WRQ Sent
E. Server: 10.0.0.1:1888 RRQ/WRQ Sent Client: 10.0.0.2:69 RRQ/WRQ Sent
F. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent
Correct Answer: D
QUESTION 9
You are responsible for network monitoring and need to monitor traffic over a routed network from a remote source to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this?
A. VACLs and VSPAN
B. RSPAN
C. ERSPAN
D. NetFlow
Correct Answer: C
QUESTION 10
What is the default maximum reservable bandwidth (percentage) by any single flow on an interface after enabling RSVP?
A. 75 percent
B. 60 percent
C. 56 percent
D. 50 percent
E. 25 percent
Correct Answer: A

QUESTION 11
Which two protocols can have their headers compressed through MQC? (Choose two.)
A. RTP
B. RTSP
C. HTTP
D. TCP
E. UDP
Correct Answer: AD QUESTION 12

You have a router running BGP for the MPLS network and OSPF for the local LAN network at the sales office. A route is being learned from the MPLS network that also exists on the OSPF local network. It is important that the router chooses the local LAN route being learned from the downstream switch running OSPF rather than the upstream BGP neighbor. Also, if the local OSPF route goes away, the BGP route needs to be used. What should be configured to make sure that the router will choose the LAN network as the preferred path?
A. static route needs to be added
B. floating static route needs to be added
C. bgp backdoor command
D. ospf backdoor command
Correct Answer: C
QUESTION 13
In BGP routing, what does the rule of synchronization mean?
A. A BGP router can only advertise an EBGP learned route, provided that the route is an IGP route in the routing table.
B. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route in the routing table.
C. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route that is not in the routing table.
D. A BGP router can only advertise an EBGP learned route, provided that the route is a metric of 0 in the BGP table.
Correct Answer: B
QUESTION 14
Router 1 is configured for BGP as dual-homed on the Cisco network. Which three BGP attributes are carried in every BGP update on this router (both IBGP and EBGP)? (Choose three.)
A. origin
B. router-ID
C. AS-path
D. local-preference
E. next-hop
Correct Answer: ACE
QUESTION 15
In your Cisco EIGRP network, you notice that the neighbor relationship between two of your routers was recently restarted. Which two of these choices could have made this occur? (Choose two.)
A. An update packet with init flag set from a known, already established neighbor relationship was received by one of the routers.
B. The ARP cache was cleared.
C. The counters were cleared.
D. The IP EIGRP neighbor relationship was cleared manually.
Correct Answer: AD
QUESTION 16
Your Cisco network currently runs OSPF and you have a need to policy-route some specific traffic, regardless of what the routing table shows. Which one of these options would enable you to policy-route the traffic?
A. source IP address and the protocol (such as SSL, HTTPS, SSH)
B. the packet Time to Live and the source IP address
C. type of service header and DSCP value
D. destination IP address
Correct Answer: A
QUESTION 17
You use OSPF as your network routing protocol. You use the command show ip route and you see several routes described as O, O IA, O E1, and O E2. What routes are in your area?
A. O IA
B. O E1
C. O E2
D. O
Correct Answer: D
QUESTION 18
What are the mandatory, well-known BGP attributes?
A. origin, AS-path, next-hop
B. AS-path, origin, MED
C. AS-path, origin, weight
D. AS-path, weight, MED
Correct Answer: A
QUESTION 19
Network A has a spanning-tree problem in which the traffic is selecting a longer path. How is the path cost calculated?
A. number of hops
B. priority of the bridge
C. interface bandwidth
D. interface delay
E. None of the above
Correct Answer: C
QUESTION 20
You deployed new fibers in your network to replace copper spans that were too long. While reconnecting the network, you experienced network problems because you reconnected wrong fibers to wrong ports. What could you do to prevent this type of problem in the future, particularly when connecting and reconnecting fiber pairs?
A. Only use fiber in pairs.
B. Configure root guard on your switches.
C. Do not use fiber but use copper.
D. Configure UDLD to prevent one-way link conditions.
Correct Answer: D
QUESTION 21
While deploying a new switch, you accidently connect ports 3/12 and 3/18 together, creating a loop. STP detected it and placed port 3/18 in blocking mode. Why did STP not place port 3/12 in blocking mode instead?
A. Port 3/12 was already up and forwarding before the loop was created.
B. Port priority is based on lowest priority and lowest port number.
C. You connected the wire on port 3/18 last.
D. None of the above, it is purely random.
Correct Answer: B
QUESTION 22
What keywords do you need to the access-list to provide to the logging message like source address and source mac address?
A. Log
B. Log-input
C. Log-output
D. Logging
Correct Answer: B
QUESTION 23
The OSPF RFC 3623 Graceful Restart feature allows you to configure IETF NSF in ultivendor networks. When using OSPF Graceful Restart, which mechanism is used tocontinue forwarding packets during a switchover?
A. Reverse Path Forwarding
B. Hardware-based forwarding
C. UDP forwarding
D. Layer 2 Forwarding
Correct Answer: B
QUESTION 24
Multi Protocol Label Switching (MPLS) is a data-carrying mechanism that belongs to the family of packet-switched networks. For an MPLS label, if the stack bit is set to1, which option is true?
A. The stack bit will only be used when LDP is the label distribution protocol
B. The label is the last entry in the label stack.
C. The stack bit is for Cisco implementations exclusively and will only be used when TDP is the label distribution protocol.
D. The stack bit is reserved for future use.
Correct Answer: B
QUESTION 25
Half of your network uses RIPv2 and the other half runs OSPF. The networks do not communicate with each other. Which two of these factors describe the impact of activating EIGRP over each separate part? (Choose two.)
A. EIGRP will not be accepted when configured on the actual RIPv2 routers.
B. OSPF will no longer be used in the routing table, because you only have EIGRP internal routes running.
C. OSPF will no longer be used in the routing table, because you only have EIGRP external routes running.
D. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP external routes running.
E. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP internal routes running.
F. OSPF database will have RIPv2 routes.
Correct Answer: BE
QUESTION 26
Your company is researching a new application that runs over IPv6, but part of it must still have IPv4 support. Your company uses a traditional IPv4 network. Your plan is not to run IPv6 over the whole network, but to segment parts of the network or even to operate simultaneously with IPv6 and IPv4. You must make a brief presentation about IPv6 technology to the board of technical directors. Which three of these items could be part of your presentation? (Choose three.)
A. Tunnel IPv6 over IPv4 to connect far-end IPv6 networks.
B. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is not possible.
C. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is possible.
D. What is the meaning of EUI-64 and how does it work?
E. Tunnel IPv4 over IPv6 to connect far-end IPv4 networks.
Correct Answer: ACD
QUESTION 27
Refer to exhibits 1 and 2. In exhibit 1, all users on the LAN segment use router A as the active HSRP router. Router B is the standby router for the HSRP. In exhibit 2, the network management team reported that there is no utilization on the WAN link B. To solve this problem, you decide to change the logical topology of your LAN, but you are not sure about what changes must be made. You must manage HSRP or change it to another protocol in order to provide the most scalable design, automatic redundancy, and load balancing. Which one of these actions would be the best choice?

A. Use MHSRP, with three users using router A as the default gateway and three users using router B as the default gateway.
B. Keep HSRP and activate PBR to redirect half of the traffic to the other WAN link.
C. Use the backup interface on the WAN link B to provide load balancing for all users.
D. Use GLBP instead, because it provides you with up to three MAC addresses for the same default gateway virtual IP address.
E. Use GLBP instead, because it provides you with up to four MAC addresses for the same default gateway virtual IP address.
Correct Answer: E
QUESTION 28
Refer to exhibits 1 and 2. A company uses a Metro Ethernet (Gigabit Ethernet) dedicated circuit to communicate between users (subnet B) and servers (subnet A) as shown in Exhibit Both routers use OSPF to advertise the subnets. During a weekly management meeting, they realize that the WAN link is oversize. They have been using only 2 Mb/s in the worst- case scenario. So they propose a new, cheaper WAN connection using a 2-Mb/s Frame- Relay point-to-point link to interconnect both sites (Exhibit 2). The Frame Relay service provider informs them that multicast traffic is not allowed to run over the service provider network. Which one of these options is best to enable the company to establish the OSPF neighbor adjacency?

A. Use OSPF network broadcast, because it uses unicast to establish a neighbor relationship.
B. Use OSPF network point-to-multipoint, because it uses unicast to establish a neighbor relationship.
C. Use OSPF network point-to-point, because it uses unicast to establish a neighbor relationship.
D. Use OSPF network point-to-multipoint nonbroadcast, because it establishes a neighbor relationship using unicast packets.
E. Use OSPF network nonbroadcast, because it establishes a neighbor relationship using multicast.
Correct Answer: D
QUESTION 29
Refer to the exhibit. Users from the Engineering VLAN complain that every time Business VLAN users have a network connectivity issue, the Engineering VLAN users usually have problems experiencing slow response or network connectivity problems. After troubleshooting, an unauthorized switch 2 was found. This unauthorized switch has been a regular problem, assuming the root bridge function under the spanning-tree domain and causing the Engineering VLAN to be unstable. Which three of these actions could be suggested to fix the problem?

A. Upgrade Spanning Tree Protocol to Rapid Spanning Tree Protocol.
B. Change Business VLAN PCs to switch 1 and switch 4.
C. Force the root bridge to be switch 2, instead.
D. Adjust spanning-tree timers (max-age and forward-delay).
E. Shut down all unused ports.
F. Use MSTP to separate the Engineering VLAN from the Business VLAN to optimize spanning-tree convergence time within each VLAN
Correct Answer: AEF
QUESTION 30
When running IP SLA, which application type should be used if you want to know round- trip delay, jitter, and packet loss for the full path?
A. ICMP path echo
B. UDP echo
C. ICMP path jitter
D. Application Performance Monitor
E. TCP connect
Correct Answer: C
QUESTION 31
Which option is true when calculating round-trip delay in IP SLA operations?
A. The processing time on the end routers is only assessed for operations that involve the responder.
B. The processing time on the end routers is only assessed for operations that involve the transmitter.
C. The processing time on the end routers is only assessed for operations that involve both the responder and the transmitter.
D. The processing time on the end routers is not assessed for neither the responder nor the transmitter.
Correct Answer: A
QUESTION 32
Refer to the exhibit. You are asked to enable redirection for a network optimization engine that will be connected directly to your company CPE. What is the correct configuration to enable redirection for traffic optimization?

A. (config)#interface s0/0 (config-if)#ip wccp 61 out (config)#interface e0/0 (config-if)#ip wccp 62 out
B. (config)#interface s0/0 (config-if)#ip wccp 62 in (config)#interface e0/0 (config-if)#ip wccp 61 in
C. (config)#interface s0/0 (config-if)#ip wccp 61 in (config-if)#ip wccp 62 out
D. (config)#interface e0/0 (config-if)#ip wccp 61 in (config-if)#ip wccp 62 out
E. (config)#interface e0/0 (config-if)#ip wccp 61 out (config-if)#ip wccp 62 in
F. (config)#interface s0/0 (config-if)#ip wccp 61 out (config-if)#ip wccp 62 in
Correct Answer: D
QUESTION 33
The EtherChannel between your LAN switch and the Internet router is not load-balancing efficiently. On the switch, there are several workstations with valid IP ranges. Which load- balance algorithms can you use in the switch in order to optimize this load balancing? (Choose four.)
A. source IP address
B. destination IP address
C. per-packet load balance
D. destination MAC address
E. source MAC address
Correct Answer: ABDE
QUESTION 34
Before inserting a new switch in the network, the network administrator checks that the VTP domain name is correct, the VTP mode is set to server, and revision is lower than the switches in the network. The administrator then configures interfaces and trunks, erases existing VLANs, and connects the switch to the network. Following that procedure, there is no connectivity in the network. What is a possible cause of this problem?
A. Because the configuration revision of the new switches is lower than the rest of the network, it can change the VLAN database of the other switches.
B. As a VTP server, the new switch deleted all VLANs of the network.
C. Erasing VLANs increases the VTP configuration revision.
D. Since the configuration revision of the network is higher than the new switch, the VLAN database was automatically synchronized.
Correct Answer: C
QUESTION 35
The network administrator wants to enable an EtherChannel between two switches in “on” mode. The administrator connects the cables and enables the interfaces, but while configuring the EtherChannel in the first switch, a spanning-tree loop was detected. Which two of these procedures can avoid this problem? (Choose two.)
A. Configure the EtherChannel as “desirable” first.
B. Assign all interfaces to the same VLAN.
C. Disable PortFast on the interfaces in the EtherChannels.
D. Disable all interfaces first.
E. Fast Ethernet and Gigabit Ethernet ports cannot be assigned to the same EtherChannel.
F. Fix cabling problems.
Correct Answer: AD
QUESTION 36
Customer X has a hub-and-spoke Frame Relay network, with a central office and two branch offices (RemoteA and RemoteB). Each location has only one physical link to the Frame Relay cloud and RemoteB has a router that is not a Cisco router. Since the installation, there is no connectivity between RemoteB and the central office. What is a possible solution to this issue?
A. Because Frame Relay IETF encapsulation is only configurable at interface level, you must use IETF encapsulation on all routers.
B. This is not a possible scenario. A dedicated Frame Relay link to RemoteB is mandatory at the central office.
C. The router at RemoteB must be replaced by a Cisco router.
D. Use Frame Relay IETF encapsulation on a per-VC basis on the central office router.
E. There is a problem in the Frame Relay cloud, because Cisco routers are compatible with IETF Frame Relay.
Correct Answer: D
QUESTION 37
You are deploying two core switches, one in each building, 50 km away from each other. The cross-connection between them will be a Layer 2 2-gigabit EtherChannel with an 802.1Q trunk. You configured it correctly but the link does not come up. The port is in the “admin up” state, and the line protocol is in the “down” state. The fiber link is OK. What would be the most likely reason for the link not to come up?
A. The switches are not the same model.
B. You are not using the correct SFP.
C. You are not using correct optical media converters.
D. Configuration should be modified, because the distance is longer.
Correct Answer: B
QUESTION 38
You are configuring an 802.1Q trunk between a Layer 2 switch and a firewall. You read in the documentation that the best way to set up a trunk is to set the port as dynamic desirable. The trunk is not coming up. Which one of these options would be a valid explanation?
A. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode ON.
B. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode to OFF.
C. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode as auto.
D. The firewall does not support DTP. You should set the switchport trunk mode to ON.
Correct Answer: D
QUESTION 39
Refer to the exhibit. You are setting up a 2-gigabit EtherChannel. Following IEEE standards, the exhibit shows your configuration in a local switch1. However, EtherChannel is not coming up. Which one of these statements could be a possible reason?

A. EtherChannel is only available in Cisco equipment.
B. The customer side is supposed to be running PAgP, which is a Cisco standard.
C. PAgP is not an IEEE standard. VRRP should be used.
D. The configuration on switch1 needs to be modified to use LACP.
Correct Answer: D
QUESTION 40
You work as a network engineer for the company, you want to configure two BGP speakers to form an EBGP session across a firewall. On the engineer’s network, the firewall always permits TCP sessions that are initiated from the inside network (the network attached to the inside interface of the firewall). What prerequisite is there for enabling BGP to run on this network?
A. EBGP multihop will need to be configured for this to work.
B. This should work with normal BGP peering, with no additional configuration on the BGP speakers or the firewall.
C. The BGP protocol port must be opened on the firewall
D. There is no way to make BGP work across a firewall.
Correct Answer: A
QUESTION 41
For the following LMI types, which three can be configured for use with Frame Relay on a Cisco router? (Choose three.)
A. Cisco
B. ANSI – Annex D
C. Q.931 – Annex B
D. Q.933 – Annex A
Correct Answer: ABD
QUESTION 42
A user has no network connectivity. A check of the associated port indicates that the interface is up, the line protocol is down. Which item would most likely cause this problem?
A. Speed mismatch
B. Incorrect encapsulation
C. MTU set too low
D. Duplex mismatch
Correct Answer: A
QUESTION 43
Which three statements are true about Source Specific Multicast? (Choose three.)
A. Is best suited for applications that are in the one-to-many category.
B. SSM uses shortest path trees only.
C. The use of SSM is recommended when there are many sources and it is desirable to keep the amount of mroute state in the routers in the network to a
D. There are no RPs to worry about
Correct Answer: ABD
QUESTION 44
Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?
A. DHCP requests will be switched in the software, which may result in lengthy response times.
B. The switch will run out of ACL hardware resources.
C. All DHCP requests will pass through the switch untested.
D. The DHCP server reply will be dropped and the client will not be able to obtain an IP address.
Correct Answer: D
QUESTION 45
On the basis of the definitions of different services in various RFCs, traffic with Expedited Forwarding per-hop behavior should be marked as which of these?
A. IP ToS of 0xEF
B. IP experimental ECN
C. DSCP decimal 5
D. Binary value of 101110
Correct Answer: D
QUESTION 46
Prior to 802.1w, Cisco implemented a number of proprietary enhancements to 802.1D to improve convergence in a Layer 2 network. Which statement is correct?
A. Only UplinkFast and BackboneFast are specified in 802.1w; PortFast must be manually configured.
B. Only PortFast is specified in 802.1w; UplinkFast and BackboneFast must be manually configured.
C. None of the proprietary Cisco enhancements are specified in 802.1w.
D. PortFast, UplinkFast, and BackboneFast are specified in 802.1w.
Correct Answer: D QUESTION 47
In Frame Relay, FECN messages indicating congestion are sent or received by which of following?
A. Sent by the destination
B. Received by the sender
C. Received by the destination
D. Sent by the sender

Correct Answer: C QUESTION 48
Which statement is correct in reference to IPv6 multicast?
A. IPv6 multicast uses Multicast Listener Discovery.
B. The first 8 bits of an IPv6 multicast address are always FF (1111 1111).
C. IPv6 multicast requires MSDP.
D. PIM dense mode is not part of IPv6 multicast.

Correct Answer: A QUESTION 49
As a network administrator, can you tell me what the root guard feature provides in a bridgednetwork?
A. It ensures that BPDUs sent by the root bridge are forwarded in a timely manner
B. It enforces the root bridge placement in the network
C. It ensures that all ports receiving BPDUs from the root bridge are in the forwarding state.
D. It ensures that the bridge is elected as root bridge in the network.

Correct Answer: B QUESTION 50
If you have overlapping IP address between two different networks or routing domains, which two commands are needed to globally configure NAT to get this to work?
A. ip nat outside source static udp x.x.x.x y.y.y.y and ip nat inside source udp x.x.x.x y.y.y.y
B. ip nat outside source static x.x.x.x y.y.y.y and ip nat inside source static x.x.x.x y.y.y.y
C. ip nat outside source static tcp x.x.x.x y.y.y.y and ip nat outside source tcp x.x.x.x y.y.y.y
D. ip nat outside source list 1 interface x and ip nat inside source list 1 interface x Correct Answer: B

Exam D
QUESTION 1
Two directly connected routers, PassGuide-R1 and PassGuide–R2, are both configured for OSPF graceful restart. PassGuide-R2 is able to switch packets in hardware, but PassGuide-R1 is not. If a network administrator logs on to PassGuide-R2 and performs a system reload, which will be the result?
A. Traffic forwarded from PassGuide-R2 to or through PassGuide–R1 will continue to be forwarded based on the forwarding table state at the time of the reload. OSPF will
B. PassGuide-R2 will continue to forward traffic to PassGuide–R1, but PassGuide–R1 will drop the traffic because its neighbor adjacency with PassGuide-R2 has failed.
C. . PassGuide-R2 will continue forwarding traffic to and through PassGuide-R1, but PassGuide-R1 will drop this traffic because it is not capable of maintaining its forwarding state
D. All the traffic PassGuide-R2 is forwarding to or through PassGuide-R1 will be dropped while OSPF rebuilds its neighbor adjacency and forwarding tables.
Correct Answer: A
QUESTION 2
In which way can the IPv6 address of 2031:0000:130F:0000:0000:09C0:876A:130B be expressed most efficiently?
A. 2031:0:130F:0:0:09C0:876A:130B
B. 2031::130F::9C0:876A:130B
C. 2031:0:130F::9C0:876A:130B
D. 2031:0:130F:0:0:9C0:876A:130B
Correct Answer: C
QUESTION 3
Internet Protocol version 6 (IPv6) is the next-generation Internet Layer protocol for packet-switched internetworks and the Internet. IPv6 router solicitation is:
A. A request made by a node for the IP address of the local router
B. A request made by a node to join a specified multicast group
C. A request made by a node for a DHCP provided IP address
D. A request made by a node for the IP address of the DHCP server
Correct Answer: A
QUESTION 4
Which two types of QoS functionality will be provided by Network-Based Application Recognition? (Choose two.)
A. NBAR provides the ability to configure MCQ; it is a mandatory MCQ component.
B. NBAR provides deep packet inspection and is used for advanced packet classification.
C. NBAR provides per-protocol packet and byte accounting functionality; it is used to track bandwidth utilization for all protocols described in the loaded PDLMs.
D. NBAR provides scheduling in an MQC policy map using an advanced algorithm.
Correct Answer: BC
QUESTION 5
Which IOS security feature is configured by the ip inspect inspection-name {in | out} command?

A. IPsec site-to-site VPN
B. Cisco AutoSecure
C. Cisco IOS Firewall
D. IPS
Correct Answer: C
QUESTION 6
If a Cisco switch is configured with VTPv1 in transparent mode, what is done with received VTP advertisements?
A. They are discarded
B. The contents are altered to reflect the switch’s own VTP database and then they are forward out all trunking ports
C. The changes within the advertisements are made to the switch’s VTP database.
D. The contents are ignored and they are forwarded out all trunking ports.
Correct Answer: A
QUESTION 7
Refer to the following descriptions, which three are true about Cisco spanning-tree features? (Choose three.)
A. RPVST+ converges faster than RSTP during a topology change.
B. STP BPDUs are relayed by all non-root bridges and RSTP BPDUs are generated by each bridge.
C. RSTP can only achieve rapid transition to Forwarding on edge ports and on point-to-point links.
D. RPVST+ and RSTP are both based upon the IEEE 802.1w specification.
Correct Answer: BCD
QUESTION 8
Which switch port error is an indication of duplex mismatches on 10/100/1000 IEEE 802.3u Gigabit Ethernet ports?
A. FCS errors
B. Runts
C. Multiple collisions
D. Alignment errors
Correct Answer: C

QUESTION 9
Which one of the following potential issues is eliminated by using split horizon?
A. Joined horizons
B. Packet forwarding loops
C. cisco Express Forwarding load-balancing inconsistency
D. Asymmetric routing throughout the network
Correct Answer: B
QUESTION 10
Phase I and Phase II DMVPN differ in terms of which of these characteristics?
A. Utilization of spoke-to-spoke dynamic tunnels
B. Utilization of multipoint GRE tunnels at the hub site
C. Utilization of hub-to-spoke dynamic tunnels
D. Support for multicast
Correct Answer: A
QUESTION 11
Policy-based routing allows network administrators to implement routing policies to allow or deny paths based on all of these factors except which one?
A. End system
B. Protocol
C. Application
D. Throughput
Correct Answer: D
QUESTION 12
Two routers are connected by a serial link, and are configured to run EIGRP on all interfaces. You examine the EIGRP neighbor table on both routers (using the show ip eigrp neighbor command) and see that the router connected over the serial link is listed as a neighbor for a certain amount of time, but is periodically removed from the neighbor table. None of the routes from the neighbor ever seem to be learned, and the neighbor transmission statistics (SRTT, RTO, and Q Count) seem to indicate that no packets are being transmitted between the neighbors. Which would most likely cause this problem?
A. While multicast packets are being successfully sent over the link, unicast packets are not
B. There is a bug in the EIGRP code that needs to be fixed.
C. This is correct behavior for the first few minutes of EIGRP neighbor formation. After four or five cycles, it should straighten itself out and the neighbor
D. The hello or hold intervals are set differently on the two routers.
Correct Answer: A
QUESTION 13
Which two steps below should you perform on the hub router while configuring EIGRP routing over DMVPN (mGRE tunnel)? (Choose two.)
A. Set the NHRP hold time to match the EIGRP hold time
B. Add the enable eigrp stub command
C. Add the disable eigrp as-member split-horizon command
D. Add the disable eigrp as-member next-hop-self command
Correct Answer: CD
QUESTION 14
Area Border Router (ABR) is a router located on the border of one or more OSPF areas that connect those areas to the backbone network. An ABR will inject a default route into which two types of areas? (Choose two.)
A. Area 0
B. NSSA
C. Totally stubby
D. Stub
Correct Answer: CD QUESTION 15
For the following protocols, which one provides a mechanism to transparently intercept and redirect CIFS traffic from a client to a local Cisco Wida Area Application engine?
A. Virtual Router Redundancy Protocol (VRRP)
B. File Transport Protocol (FTP)
C. Hot Standby Routing Protocol (HSRP)
D. Web Cache Communication Protocol (WCCP)

Correct Answer: D QUESTION 16
For the following items,what is the mathematical relationship between the committed information rate (CIR), committed burst (Bc), and committed rate measurement interval (Tc)?
A. CIR = TC / Bc
B. CIR = Be / Tc
C. Tc = CIR / Bc
D. Tc = Bc / CIR

Correct Answer: D QUESTION 17
When two bridges are competing for the root bridge of an IEEE 802.1D spanning tree and both have the same bridge priority configured, which parameter determines the winner?
A. highest-numbered IP interface
B. MAC address
C. device uptime
D. root port cost

Correct Answer: B QUESTION 18
Study the exhibit carefully. In this network, if all required configurations are true for routing. Subnet 10.1.1.0/24 is sourced by PG-A and advertised via BGP, OSPF, and EIGRP. Finally, PG-G knows this subnet. Which routing protocol and administrative distance can be used by PG-G to reach subnet 10.1.1.0/24?

A. EIGRP, AD 90
B. EIGRP, AD 170
C. OSPF, AD 110
D. BGP, AD 20

Correct Answer: A
QUESTION 19
For the following ports, which port is on every bridge in a Spanning Tree Protocol IEEE 802.1w network except the root bridge?
A. root port
B. backup port
C. designated port
D. alternate port
Correct Answer: A
QUESTION 20
IEEE 802.1w is a Rapid Spanning Tree Protocol (RSTP) that can be seen as an evolution of the 802.1 standard. What are the port roles described by 802.1w?
A. root port, designated port, alternate port, backup port, and disabled
B. standby port, alternate port, root port, and disabled
C. standby port, designated port, backup port, and disabled
D. root port, designated port, alternate port, and standby port
Correct Answer: A
QUESTION 21
This question is about the Spanning Tree Protocol (STP) root guard feature. What is the STP root guard feature designed to prevent?
A. a root port being transitioned to the blocking state
B. a port being assigned as a root port
C. a port being assigned as an alternate port
D. a root port being transitioned to the forwarding state
Correct Answer: B
QUESTION 22
As a network engineer, you responsibility is to install, configure, operate, and troubleshoot networks. In your company’s network, EIGRP is the routing protocol. You have just discovered that two routers restarted the neighbor relationship. Why? (Select two.)
A. An update packet with init flag set from a known, already established neighbor relationship was received by one of the routers.
B. The counters were deleted.
C. The ARP cache was removed.
D. The IP EIGRP neighbor relationship was cleared manually.
Correct Answer: AD
QUESTION 23
Which two statements are true about the role of split horizon? (Choose two.)
A. It is a function used by routing protocols to install routes into routing table
B. It is a function that prevents the advertising of routes over an interface that the router is using to reach a route
C. Its function is to help avoid routing loops.
D. It is a redistribution technique used by routing protocols
Correct Answer: BC
QUESTION 24
You are a network technician at PassGuide.com, study the exhibit carefully. In this EIGRP network, the output of the command show interface for the link between PG-R2 and PG-R5 indicates that the link load varies between 10 and 35. Which K value setting will be used to make sure that this link is not used by EIGRP when the link load reaches 35, but can be used again when the link load drops below 20?

A. Link load is not read in real time, so there is no way to set the K values to make EIGRP choose to use or not use a link based on the link load.
B. There is not enough information in the question to determine the correct answer.
C. Use the K5 setting to include load in EIGRP’s metric calculations.
D. Use the K2 setting to include load in EIGRP’s metric calculations.
Correct Answer: A QUESTION 25
Study the exhibit carefully. Two directly connected routers are configured with OSPF. The output presented in the exhibit can be seen on the console of one router. What most likely cause this problem?

A. The maximum transmission unit on either side of the link is not the same
B. This debug is wrong, OSPF does not exchange DBD packets
C. This is normal for OSPF running over an FDDI ring
D. OSPF has received a packet that will not fit in its local buffer, so the packet has been discarded.

Correct Answer: A
QUESTION 26
On the basis of the network provided in the exhibit, PG-R1 is injecting 10.1.5.0/24 by use of a network statement as a network (type 2) LSA. What LSAs will PG-R6 have in its local database for 10.1.5.0/24?

A. PG-R6 will not have any LSAs containing 10.1.5.0/24
B. PG-R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by PG-R4 or PG-R5, the Area Border Routers for Area 2, its local area
C. PG-R6 will have the network (type 2) LSA generated by PG-R1 in Area 1 containing
D. PG-R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by either PG- R2 or PG-R3, the Area Border Routers for area 1.
Correct Answer: A QUESTION 27
Based on the network provided in the exhibit, how to route the traffic arriving at PG-R1 for 10.1.3.1?

A. through PG-R3, since the path through PG-R3 is through the backbone
B. through PG-R2, because that is the only path available; no neighbor adjacency will be built between PG-R1 and PG-R2
C. through PG-R1, since the path through PG-R1 has the lowest hop count
D. through PG-R1, since the path through PG-R1 has the lowest total metric (10+10=20, versus 10+10 +10=30 through PG-R3)

Correct Answer: A
QUESTION 28
Look at the following exhibit carefully, there is no route to 10.1.4.0/24 in the local routing table. According to the output of PG-R1 in the exhibit, can you tell me why 10.1.4.0/24 is not in PG-R1’s routing table?

A. The forwarding address, 10.1.3.2, is also redistributed into OSPF, and an OSPF external route cannot use another OSPF external as its next hop
B. PG-R3 is not redistributing 10.1.4.0/24 properly.
C. PG-R2 is not properly configured as an Area Border Router
D. Area 1 is a stub area, and external routes cannot be originated in a stub area.
Correct Answer: A
QUESTION 29
You work as a network engineer for the PassGuide Company. Study the exhibit carefully. In this network, PG-R1 is redistributing 10.1.5.0/24 into OSPF, and PG-R2 is originating 10.1.4.0/24 as an internal route. PG-R6 has received packets destined to 10.1.4.1 and 10.1.5.1. Which statement is true about the path or paths these two packets will take?

A. The packet destined to 10.1.5.1 will follow the optimum path through the network, PG-R4 to PG-R1, while the packet destined to 10.1.4.1 will follow a suboptimal path through the network.
B. There is not enough information provided to determine which packet will take an optimal or suboptimal path through the network.
C. Both packets will follow optimal paths through the network to their destinations
D. The packet destined to 10.1.4.1 will follow an optimal path through the network, while the packet destined to 10.1.5.1 will follow a suboptimal path through the network
Correct Answer: A
QUESTION 30
Based on the network provided in the exhibit, in these two areas, all routers are performing OSPF on all interfaces. After examining the OSPF database on PG-R4, do you know which type of LSA will contain 10.1.5.0/24, and which router will have originated it?

A. 10.1.5.0/24 will be in a summary (type 3) LSA originated by PG-R3.
B. 10.1.5.0/24 will be in a router (type 1) LSA generated by PG-R3.
C. 10.1.5.0/24 will be in a network (type 2) LSA originated by PG-R3.
D. 10.1.5.0/24 will not be in any LSA in the OSPF database at PG-R4, because PG-R4 and PG-R3 are in different areas.
Correct Answer: A
QUESTION 31
On the basis of the exhibit provided, assuming that EIGRP is the routing protocol, then at R5, what would be the status of each path to 172.30.1.0/24?

A. the path through PG-R3 would be the successor, the path through PG-R1 would be a feasible successor, and the path through PG-R4 would be neither a successor nor a feasible successor
B. not enough information has been given to figure out what the status of each route would be
C. the path through PG-R3 would be the successor, and the paths through PG-R1 and PG-R4 would be feasible successors
D. the path through PG-R1 would be the successor, the path through PG-R3 would be a feasible successor, and the path through PG-R4 would be neither a successor nor feasible successor
Correct Answer: A
QUESTION 32
Based on the network displayed in the exhibit, both PG-R1 and PG-R2 are configured as EIGRP stub routers. If the link between PG-R1 and PG-R3 is down, will PG-R3 still be able to reach 192.168.1.0/24, and why or why not?

A. No. PG-R3 would remove its route to 192.168.1.0/24 through PG-R1, but would not query PG-R2 for an alternate route, since PG-R2 is a stub.
B. No. The path through PG-R2 would always be considered a loop at PG-R3.
C. Yes. When a directly connected link fails, a router is allowed to query all neighbors, including stub neighbors, for an alternate route.
D. Yes, because PG-R3 would know about both routes, through PG-R1 and PG-R2, before the link between PG-R1 and PG-R3 failed.
Correct Answer: A
QUESTION 33
Which statement best describes OSPF external LSAs (type 5)?
A. OSPF external LSAs are automatically flooded into all OSPF areas, unlike type 7 LSAs, which require that redistribution be configured.
B. External LSAs (type 5) are automatically changed to type 1 LSAs at ASBRs.
C. Type 5 LSAs are route summaries describing routes to networks outside the OSPF Autonomous System.
D. External network LSAs (type 5) redistributed from other routing protocols into OSPF are not permitted to flood into a stub area.
Correct Answer: D
QUESTION 34
This question is about the formation of OSPF adjacency. An OSPF adjacency will not form correctly across a point-to-point link in the same area. Which would most likely cause this problem?
A. Each interface has a different OSPF cost.
B. Each interface is configured with secondary addresses as well as primary addresses.
C. Each interface has a different MTU size.
D. Each interface is configured with the ip unnumbered loopback 0 command.
Correct Answer: C
QUESTION 35
Observe the following network presented in this exhibit carefully. Assume that all routers are running EIGRP in AS 100 on all connected links. If the link between PG-R3 and PG-R4 is down, how many queries will PG-R5 and PG-R6 receive?

A. PG-R6 will receive two queries, one for 192.168.1.0/24 and one for 192.168.2.0/24. PG-R5 will receive one query, for 192.168.1.0/24.
B. PG-R5 will receive one query, for 192.168.1.0/24, and PG-R6 will receive no queries
C. Both PG-R5 and PG-R6 will receive two queries, one for 192.168.1.0/24 and one for
D. Neither PG-R5 nor PG-R6 will receive any queries for either 192.168.1.0/24 or 192.168.2.0/24.
Correct Answer: A
QUESTION 36
Which description of the following is true according to the information shown in the figure?

A. PG-RTC will not have the 192.168.10.0 network in its routing table.
B. PG-RTC will not have the 10.0.0.0 network in its routing table.
C. PG-RTB will not have the 10.0.0.0 network in its routing table.
D. PG-RTB and PG-RTC will not have the 10.0.0.0 network in their routing tables.
Correct Answer: B QUESTION 37
Observe the following exhibit seriously, which path will be preferred by traffic destined to 10.1.3.1 and arriving at PG-R1?

A. through PG-R3, because PG-R1 will only have a summary (type 3) LSA from PG-R2
B. through PG-R2, since it is the path through Area 0
C. through PG-R3, since that is the lowest cost path (10+10 = 20, which is lower than 100)
D. through PG-R2; this is the only path available for PG-R1 to reach 10.1.3.0/24, since PG-R3 is in a different autonomous system than PG-R1 and PG-R2

Correct Answer: B
QUESTION 38
On the basis of the network provided in the exhibit, R3 and R4 are configured to run all connected links in OSPF Area 1. The network administrator is complaining that traffic destined to 192.168.1.0/24 is being routed to R2, even if R2 is not running OSPF. Which would be the cause of this problem?

A. The next hop towards 192.168.1.0/24 at PG-R4 should be 10.1.1.2, which is PG-R2.
B. The next hop towards 192.168.1.0/24 at PG-R4 should be 10.1.1.1, since PG-R1 is redistributing the route from EIGRP into OSPF. PG-R3 is forwarding traffic incorrectly.
C. The next hop towards 192.168.1.0/24 at PG-R4 should be 10.1.2.2, which is PG-R3. PG- R3 should be load-sharing between PG-R1 and PG-R2 for its next hop.
D. PG-R4 does not have a route towards 192.168.1.0/24, so the network administrator is wrong in thinking any traffic is being forwarded there.
Correct Answer: A
QUESTION 39
You are a network engineer at PassGuide.com, study the exhibit carefully. The company’s network is running EIGRP and you want to change the path PG-R5 uses to reach 172.30.1.0/24 to PG-R4. How could you achieve this goal?

A. Change the bandwidth on the link between PG-R2 and PG-R5 to 70, and change the bandwidth on the link between PG-R3 and PG-R5 to 70.
B. Change the bandwidth on the link between PG-R4 and PG-R5 to 110.
C. Change the bandwidth on the link between PG-R3 and PG-R5 to 70.
D. Do nothing, the best path to 172.30.1.0/24 from PG-R5 is already through PG-R4.
Correct Answer: A
QUESTION 40
On the basis of the network provided in the exhibit, all routers are configured to run EIGRP on all links. If the link between PG-R1 and PG-R2 fails, what is the maximum number of queries PG-R3 will receive for 192.168.1.0/24, assuming that all the packets sent during convergence are transmitted once (there are no dropped or retransmitted packets)?

A. PG-R3 will receive up to four queries for 192.168.1.0/24, one each from PG-R2, PG-R4, PG-R5, and PG-R6.
B. PG-R3 will receive up eight queries for 192.168.1.0/24, one from PG-R2, two from PG-R4, three from PG-R5, and four from PG-R6.
C. PG-R3 will receive one query for 192.168.1.0/24, since the remote routers, PG-R4, PG-R5, and PG-R6, are natural stubs in EIGRP.
D. PG-R3 will not receive any queries from PG-R2, because there are no alternate paths for 192.168.1.0/24.
Correct Answer: A
QUESTION 41
Based on the exhibit presented. PG-R2 does not have any 10.100.x.x routes in either its routing table or its BGP table. What will you do at PG-R5 to solve this problem?

A. Disable BGP synchronization.
B. Set the BGP next-hop-self command for neighbor PG-R2
C. Configure a static route for 10.100.0.0/16 to null0
D. Add a BGP network statement to encompass the serial link.
Correct Answer: C
QUESTION 42
Based on the output provided in the exhibit, to which address or location will the router forward a packet sent to 192.168.32.1?

A. 10.1.1.1
B. 10.1.1.2
C. 10.1.1.3
D. The default gateway
Correct Answer: A
QUESTION 43
Which two statements best describe CBWFQ? (Choose two.)

A. The CBWFQ scheduler provides a guaranteed minimum amount of bandwidth to each class.
B. CBWFQ services each class queue using a strict priority scheduler.
C. The class-default queue only supports WFQ.
D. Inside a class queue, processing is always FIFO, except for the class-default queue.
Correct Answer: AD
QUESTION 44
Which statement is true of a source that wants to transmit multicast traffic to group 239.1.1.1?

A. Before sending traffic, it must first join multicast group 239.1.1.1 by sending an IGMPv2 membership report to the default router on the local subnet.
B. It must send an IGMPv2 Request to Send packet and then wait for an IGMPv2 Clear to Send packet from the IGMPv2 querier router on the local subnet
C. It may begin transmitting multicast traffic to the group only when there is no other host transmitting to the group on the local subnet.
D. It may transmit multicast traffic to the group at any time.
Correct Answer: D QUESTION 45
Based on the exhibit presented. What will be the objective of this route map when applied to traffic passing through a router?

A. Take any packet sourced from any address in the 10.2.0.0/16 network or destined to
10.1.14.25 and set the next hop to 10.1.1.1
B. Take any packet sourced from any address in the 10.2.0.0/16 network and destined to
10.1.14.25 and set the next hop to 10.1.1.1
C. Nothing; extended access lists are not allowed in route maps used for policy-based routing
D. Drop any packet sourced from 10.2.0.0/16
Correct Answer: A
QUESTION 46
You work as a network technician at Company.com, study the exhibit provided. You are implementing this QoS configuration to improve the bandwidth guarantees for traffic towards two servers, one with the IP address 5.5.5.5 and the other with the IP address 5.5.5.4. Even after the configuration is applied, performance does not seemto improve. Which will be the most likely cause of this problem?

A. The policy map mark has been applied on a half-duplex Ethernet interface; this is not supported.
B. The policy map queue is configured on the wrong interface; it is applied on the serial interface whereas traffic is going over the tunnel interface.
C. The class maps are wrongly configured
D. The ip nbar protocol-discover command cannot be configured together with a service policy output on the serial interface.
E. This is probably a software bug
Correct Answer: C
QUESTION 47
Drag and drop question. Drag the items to the proper locations.

Select and Place: Correct Answer:

Cisco 350-001 only advanced and equipped with much more features,it is also not internet dependent,once installed.It enables you to see Interconnecting Cisco Networking Devices in a simulated Cisco 350-001 exam environment.Working with Cisco 350-001  Interactive Testing Engine is like passing an actual Cisco 350-001 exam.

Valid Cisco 350-001 Exam Practice Test To Pass Exam Easily Free Download With All New Latest Exam Questions

Exam A
QUESTION 1
When initiating a new SSL/TLS session, the client receives the server SSL certificate and validates it. What does the client use the certificate for after validating it? Select the best response.
A. The client and server use the key in the certificate to encrypt all data in the following SSL session.
B. The server creates a separate session key and sends it to the client. The client has to decrypt the session key using the server public key from the certificate.
C. The client creates a separate session key and encrypts it with the server public key from the certificate before sending it to the server.
D. Nothing, the client and server switch to symmetric encryption using IKE to exchange keys.
E. The client generates a random string, encrypts it with the server public key from the certificate, and sends it to the server. Both the client and server derive the session key from the random data sent by the client.
Correct Answer: E
QUESTION 2
Which three of these statements describe how DNSSEC prevents DNS cache poisoning attacks from
succeeding? (Choose three.)
Select 3 response(s).

A. DNSSEC encrypts all records with domain-specific keys.
B. DNSSEC eliminates caching and forces all answers to be authoritative.
C. DNSSEC introduces KEY records that hold domain-specific public keys.
D. DNSSEC deprecates CNAME records and replaces them with DS records.
E. DNSSEC utilizes DS records to establish a trusted hierarchy of zones.
F. DNSSEC signs all records with domain-specific keys.
Correct Answer: CEF
QUESTION 3
Which two of the following statements describe why TACACS+ is more desirable from a security
standpoint than RADIUS? (Choose two.)
Select 2 response(s).

A. It uses UDP as its transport.
B. It uses TCP as its transport.
C. It encrypts the password field with a unique key between server and requester.
D. Encrypting the whole data payload is optional.
E. Authentication and authorization are combined into a single query for robustness.
Correct Answer: BD
QUESTION 4
When using Cisco SDM to manage a Cisco IOS device, what configuration statements are necessary to be
able to use Cisco SDM?
Select the best response.

A. ip http server
B. ip http secure-server
C. ip http server sdm location X.X.X.X
D. ip http secure-server sdm location X.X.X.X
E. ip http server ip http secure-server
Correct Answer: A
QUESTION 5
In regards to private address space, which three of the following statements are true? (Choose three.) Select 3 response(s).
A. Private address space is defined in RFC 1918.
B. These IP addresses are considered private:
10.0.0.0
172.15.0.0
192.168.0.0
C. Private address space is not supposed to be routed over the Internet.
D. 127.0.0.1 is also considered part of private address space, according to the RFC.
E. Using only private address space and NAT to the Internet is not considered as secure as having a stateful firewall.
Correct Answer: ACE
QUESTION 6
A firewall administrator received this syslog message from his adaptive security appliance. What can the firewall administrator infer from the message? Select the best response.
A. The server at 209.165.201.10 is under a smurf attack.
B. The server at 10.1.1.20 is under a SYN attack.
C. The client at 209.165.201.10 has been infected with a virus.
D. The server at 10.1.1.20 is under a smurf attack. Certkey.com – Make You Succeed To Pass IT Exams Certkey 350-018
Correct Answer: B
QUESTION 7
Which two of the following statements are attributed to stateless filtering? (Choose two.) Select 2 response (s).
A. The first TCP packet in a flow must be a SYN packet.
B. It must process every packet against the inbound ACL filter.
C. It can look at sequence numbers to validate packets in flow.
D. It must implement an idle timeout.
E. It can be used in asymmetrical traffic flows.
Correct Answer: BE

QUESTION 8
Which three of the following are attributes of the RADIUS protocol? (Choose three.) Select 3 response(s).
A. encrypts the password
B. hashes the password
C. uses UDP as the transport
D. uses TCP as the transport
E. combines authentication and authorization in a single request
F. commonly used to implement command authorization
Correct Answer: BCE
QUESTION 9
Which two of the following commands are required to implement a Cisco Catalyst 6500 Series FWSM?
(Choose two.)
Select 2 response(s).

A. firewall multiple-vlan-interfaces
B. firewall module x vlan-group y
C. module x secure-traffic
D. firewall vlan-group
E. firewall module x secure-traffic
Correct Answer: BD
QUESTION 10
If an administrator is unable to connect to a Cisco ASA or PIX security appliance via Cisco ASDM, which four of the following items should be checked? (Choose four.) Select 4 response(s).
Certkey.com – Make You Succeed To Pass IT Exams Certkey 350-018
A. The HTTPS server is enabled.
B. The HTTP server is enabled.
C. The user IP address is permitted in the interface ACL.
D. The user IP address is permitted in the HTTP statement.
E. The ASDM file resides in flash memory.
F. The asdm image command exists in the configuration.
Correct Answer: BDEF

100% Valid Download Latest Cisco 350-001 Practice Test With All New Latest Exam Questions

Exam A
QUESTION 1
A.
B.
C.
D.
Correct Answer:
QUESTION 2
What is the purpose of an explicit “deny any” statement at the end of an ACL?
A. none, since it is implicit
B. to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actuallyrequired
C. to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actuallyrequired
D. to allow the log option to be used to log any matches
E. to prevent sync flood attacks
F. to prevent half-opened TCP connections
Correct Answer: D
QUESTION 3
Which of these is mandatory when configuring Cisco IOS Firewall?
A. Cisco IOS IPS enabled on the untrusted interface
B. NBAR enabled to perform protocol discovery and deep packet inspection
C. a route map to define the trusted outgoing traffic
D. a route map to define the application inspection rules
E. an inbound extended ACL applied to the untrusted interface
Correct Answer: E
QUESTION 4
Which statement correctly describes the disabling of IP TTL propagation in an MPLS network?
A. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR.
B. TTL propagation cannot be disabled in an MPLS domain.
C. TTL propagation is only disabled on the ingress edge LSR,
D. The TTL field of the MPLS label header is set to 255.
E. The TTL field of the IP packet is set to 0.
Correct Answer: D
QUESTION 5
Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?
A. Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.
B. Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.
C. There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.
D. There is no way to make BGP work across a firewall.
Correct Answer: A
QUESTION 6
Spanning Tree Protocol IEEE 802.1 s defines the ability to deploy which of these?
A. oneglobal STP instance for all VLANs
B. one STP instance for each VLAN
C. one STP instance per set of VLANs
D. oneSTP instance per set of bridges
Correct Answer: C
QUESTION 7
Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1 D? (Choose two.)
A. Designated Root Cost
B. bridge ID priority
C. max age
D. bridge ID MAC address
E. Designated Root Priority
F. forward delay
Correct Answer: BD
QUESTION 8
If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?
A. learning state
B. listening state
C. forwarding state
D. root-inconsistent state
Correct Answer: D

QUESTION 9
What is the purpose of the STP PortFast BPDU guard feature?
A. enforce the placement of the root bridge in the network
B. ensure that a port is transitioned to a forwarding state quickly if a BPDU is received
C. enforce the borders of an STP domain
D. ensure that any BPDUs received are forwarded into the STP domain
Correct Answer: C
QUESTION 10
When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to?
A. 8192
B. 16384
C. 49152
D. 65535
Correct Answer: C

Cisco 350-001 test: High Pass Rate Cisco 350-001 Download Flydumps Ensure You 100% Pass Flydumps

Exam A
QUESTION 1
What is the purpose of an explicit “deny any” statement at the end of an ACL?
A. none, since it is implicit
B. to enable Cisco IOS IPS to work properly; however, it is the deny all traffic entry that is actually required
C. to enable Cisco IOS Firewall to work properly; however, it is the deny all traffic entry that is actually required
D. to allow the log option to be used to log any matches
E. to prevent sync flood attacks
F. to prevent half-opened TCP connections
Correct Answer: D
QUESTION 2
Which of these is mandatory when configuring Cisco IOS Firewall?
A. Cisco IOS IPS enabled on the untrusted interface
B. NBAR enabled to perform protocol discovery and deep packet inspection
C. a route map to define the trusted outgoing traffic
D. a route map to define the application inspection rules
E. an inbound extended ACL applied to the untrusted interface
Correct Answer: E
QUESTION 3
Which statement correctly describes the disabling of IP TTL propagation in an MPLS network?
A. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR.
B. TTL propagation cannot be disabled in an MPLS domain.
C. TTL propagation is only disabled on the ingress edge LSR.
D. The TTL field of the MPLS label header is set to 255.
E. The TTL field of the IP packet is set to 0.
Correct Answer: D
QUESTION 4
Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?
A. Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.
B. Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.
C. There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.
D. There is no way to make BGP work across a firewall.
Correct Answer: A
QUESTION 5
Spanning Tree Protocol IEEE 802.1s defines the ability to deploy which of these?
A. one global STP instance for all VLANs
B. one STP instance for each VLAN
C. one STP instance per set of VLANs
D. one STP instance per set of bridges
Correct Answer: C
QUESTION 6
Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1D? (Choose two.)
A. Designated Root Cost
B. bridge ID priority
C. max age
D. bridge ID MAC address
E. Designated Root Priority
F. forward delay
Correct Answer: BD
QUESTION 7
If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?
A. learning state
B. listening state
C. forwarding state
D. root-inconsistent state
Correct Answer: D
QUESTION 8
What is the purpose of the STP PortFast BPDU guard feature?
A. enforce the placement of the root bridge in the network
B. ensure that a port is transitioned to a forwarding state quickly if a BPDU is received
C. enforce the borders of an STP domain
D. ensure that any BPDUs received are forwarded into the STP domain
Correct Answer: C
QUESTION 9
When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to?
A. 8192
B. 16384
C. 49152
D. 65535
Correct Answer: C
QUESTION 10
Which of these best describes the actions taken when a VTP message is received on a switch configured with the VTP mode “transparent”?
A. VTP updates are ignored and forwarded out all ports.
B. VTP updates are ignored and forwarded out trunks only.
C. VTP updates are made to the VLAN database and are forwarded out trunks only.
D. VTP updates are ignored and are not forwarded.
Correct Answer: B
QUESTION 11
Refer to the exhibit. In this network, R1 has been configured to advertise a summary route,
192.168.0.0/22, to R2. R2 has been configured to advertise a summary route, 192.168.0.0/21,
to R1. Both routers have been configured to remove the discard route (the route to null
created when a summary route is configured) by setting the administrative distance of the
discard route to 255.
What will happen if R1 receives a packet destined to 192.168.3.1?
Exhibit:

A. The packet will loop between R1 and R2
B. It is not possible to set the administrative distance on a summary to 255
C. The packet will be forwarded to R2, where it will be routed to null0
D. The packet will be dropped by R1, since there is no route to 192.168.3.1.
Correct Answer: A
QUESTION 12
Refer to the exhibit. In this network, R1 is configured not to perform autosummarization within EIGRP. What routes will R3 learn from R2 through EIGRP?

A. 172.30.1.0/24 and 10.1.2.0/24; EIGRP only performs autosummarization at the edge between two major networks.
B. 172.30.0.0/16 and 10.1.2.0/24; R2 will perform autosummarization, although R1 will not.
C. Since R2 is configured without autosummarization, it will not propagate the 172.30.1.0/24 route.
D. 172.30.0.0/8 and 10.0.0.0/8.
Correct Answer: A
QUESTION 13
The classic Spanning Tree Protocol (802.1D 1998) uses which sequence of variables to determine the best received BPDU?
A. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost
B. 1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id
C. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id
D. 1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id
Correct Answer: D
QUESTION 14
Which three port states are used by RSTP 802.1w? (Choose three.)
A. Listening
B. Learning
C. Forwarding
D. Blocking
E. Discarding
F. Disabled
Correct Answer: BCE