Which two EIGRP packet types are considered to be unreliable packets? (Choose two.)
Correct Answer: DE
Before BGP update messages may be sent, a neighbor must stabilize into which neighbor state?
Correct Answer: D
Which three statements are correct when comparing Mobile IPv6 and Mobile IPv4 support? (Choose three.)
A. Mobile IPv6 does not require a foreign agent, but Mobile IPv4 does.
B. Mobile IPv6 supports route optimization as a fundamental part of the protocol; IPv4 requires extensions.
C. Mobile IPv6 and Mobile IPv4 use a directed broadcast approach for home agent address discovery.
D. Mobile IPv6 makes use of its own routing header; Mobile IPv4 uses only IP encapsulation.
E. Mobile IPv6 and Mobile IPv4 use ARP for neighbor discovery.
F. Mobile IPv4 has adopted the use of IPv6 ND.
Correct Answer: ABD
Which protocol does 802.1X use between the supplicant and the authenticator to authenticate users who wish to access the network?
D. EAP over LAN
Correct Answer: D
Refer to the exhibit. Which message could contain an authenticated initial_contact notify during IKE main mode negotiation?
“First Test, First Pass” – www.lead2pass.com 4 Cisco 350-018 Exam
A. message 3
B. message 5
C. message 1
D. none, initial_contact is sent only during quick mode
E. none, notify messages are sent only as independent message types
Correct Answer: B
Which two statements are correct regarding the AES encryption algorithm? (Choose two.)
A. It is a FIPS-approved symmetric block cipher.
B. It supports a block size of 128, 192, or 256 bits.
C. It supports a variable length block size from 16 to 448 bits.
D. It supports a cipher key size of 128, 192, or 256 bits.
E. The AES encryption algorithm is based on the presumed difficulty of factoring large integers.
Correct Answer: AD
What are two benefits of using IKEv2 instead of IKEv1 when deploying remote-access IPsec VPNs? (Choose two.)
A. IKEv2 supports EAP authentication methods as part of the protocol.
B. IKEv2 inherently supports NAT traversal.
C. IKEv2 messages use random message IDs.
D. The IKEv2 SA plus the IPsec SA can be established in six messages instead of nine messages.
E. All IKEv2 messages are encryption-protected.
Correct Answer: AB
DNSSEC was designed to overcome which security limitation of DNS?
A. DNS man-in-the-middle attacks
B. DNS flood attacks
C. DNS fragmentation attacks
D. DNS hash attacks
E. DNS replay attacks
F. DNS violation attacks
Correct Answer: A
Which three statements are true about MACsec? (Choose three.)
A. It supports GCM modes of AES and 3DES.
B. It is defined under IEEE 802.1AE.
C. It provides hop-by-hop encryption at Layer 2.
D. MACsec expects a strict order of frames to prevent anti-replay.
E. MKA is used for session and encryption key management.
F. It uses EAP PACs to distribute encryption keys.
Correct Answer: BCE
Which SSL protocol takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit in a TCP segment?
A. SSL Handshake Protocol
B. SSL Alert Protocol
C. SSL Record Protocol
D. SSL Change CipherSpec Protocol
Correct Answer: C