Ensurepass

QUESTION 271

What is the advantage of using the ESP protocol over the AH?

 

A.

data confidentiality

B.

data integrity verification

C.

nonrepudiation

D.

anti-replay protection

 

Correct Answer: A

 

QUESTION 272

What applications take advantage of a DTLS protocol?

 

A.

delay-sensitive applications, such as voice or video

B.

applications that require double encryption

C.

point-to-multipoint topology applications

D.

applications that are unable to use TLS

 

Correct Answer: A

 

 

QUESTION 273

What mechanism does SSL use to provide confidentiality of user data?

 

A.

symmetric encryption

B.

asymmetric encryption

C.

RSA public-key encryption

D.

Diffie-Hellman exchange

 

Correct Answer: A

 

 

QUESTION 274

What action does a RADIUS server take when it cannot authenticate the credentials of a user?

 

A.

An Access-Reject message is sent.

B.

An Access-Challenge message is sent, and the user is prompted to re-enter credentials.

C.

A Reject message is sent.

D.

A RADIUS start-stop message is sent via the accounting service to disconnect the session.

 

Correct Answer: A

 

 

QUESTION 275

Which transport mechanism is used between a RADIUS authenticator and a RADIUS authentication server?

 

A.

UDP, with only the password in the Access-Request packet encrypted.

B.

UDP, with the whole packet body encrypted.

C.

TCP, with only the password in the Access-Request packet encrypted.

D.

EAPOL, with TLS encrypting the entire packet.

E.

UDP RADIUS encapsulated in the EAP mode enforced by the authentication server.

 

Correct Answer: A

 

 

QUESTION 276

Which three statements about the TACACS protocol are correct? (Choose three.)

 

A.

TACACS+ is an IETF standard protocol.

B.

TACACS+ uses TCP port 47 by default.

C.

TACACS+ is considered to be more secure than the RADIUS protocol.

D.

TACACS+ can support authorization and accounting while having another separate authentication solution.

E.

TACACS+ only encrypts the password of the user for security.

F.

TACACS+ supports per-user or per-group for authorization of router commands.

 

Correct Answer: CDF

 

 

QUESTION 277

Which three EAP methods require a server-side certificate? (Choose three.)

 

A.

PEAP with MS-CHAPv2

B.

EAP-TLS

C.

EAP-FAST

D.

EAP-TTLS

E.

EAP-GTP

 

Correct Answer: ABD

 

 

QUESTION 278

Which statement is true about EAP-FAST?

 

A.

It supports Windows single sign-on.

B.

It is a proprietary protocol.

C.

It requires a certificate only on the server side.

D.

It does not support an LDAP database.

 

Correct Answer: A

 

 

QUESTION 279

Which four attributes are identified in an X.509v3 basic certificate field? (Choose four.)

 

A.

key usage

B.

certificate serial number

C.

issuer

D.

subject name

E.

signature algorithm identifier

F.

CRL distribution points

G.

subject alt name

 

Correct Answer: BCDE

 

 

QUESTION 280

What is the purpose of the OCSP protocol?

 

A.

checks the revocation status of a digital certificate

B.

submits a certificate signing request

C.

verifies a signature of a digital certificate

D.

protects a digital certificate with its private key

 

Correct Answer: A

 

Free VCE & PDF File for Cisco 350-018 Practice Tests

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

Comments are closed.