In order to reassemble IP fragments into a complete IP datagram, which three IP header fields are referenced by the receiver? (Choose three.)
A. don’t fragment flag
B. packet is fragmented flag
C. IP identification field
D. more fragment flag
E. number of fragments field
F. fragment offset field
Explanation:
I think it should be A, D and F.
Flags part has “Don’t fragment” and “More fragments”.
Then the IP header has “Fragment offset”.
But the answer is C, D, F.
Yes, the correct answer is A, D and F.
As mentioned by @Bo, there are three flags:
Don’t fragment
More fragment
Fragment Offset.
Source:
http://www.tcpipguide.com/free/t_IPDatagramGeneralFormat.htm
Some New 350-018 Exam Questions and Answers Updated Recently !!!
NEW QUESTION 1
Refer to the exhibit. Which three descriptions of the configuration are true? (Choose three)
READ IMAGE — http://www.mcsdbible.com/new-exam-dumps-share-passleader-new-717q-350-018-exam-questions.html
A. The tunnel encapsulates multicast traffic.
B. The tunnel provides data confidentiality.
C. This tunnel is a point-to-point GRE tunnel.
D. The configuration is on the NHS.
E. The tunnel is not providing peer authentication.
F. The tunnel IP address represents the NBMA address.
G. The configuration is on the NHC.
Answer: ABD
NEW QUESTION 2
Which statement about the fragmentation of IPsec packets in routers is true?
A. By default, the router knows the IPsec overhead to add to the packet, performs a lookup if the packet will exceed egress physical interface IP MTU after encryption, then fragments the packet before encrypting and separately encrypts the resulting IP fragments.
B. By default if the packet size exceeds MTU of the egress physical interface, it will be dropped.
C. By default if the packet size exceeds MTU of ingress physical interface, it will be fragmented and sent without encryption.
D. By default, the IP packets that need encryption are first encrypted with ESP; if the resulting encrypted packet exceeds the IP MTU on the egress physical interface, the encrypted packet is fragmented before being sent.
Answer: A
NEW QUESTION 3
Which two statements about ISO 27001 are true? (Choose two)
A. It was formerly known as BS7799-2.
B. It is an Information Security Management Systems specification.
C. It is an ISO 17799 code of practice.
D. It is a code of practice for Informational Social Management.
E. It is closely aligned to ISO 22000 standards.
Answer: AB
NEW QUESTION 4
Depending on configuration, which two behaviors can the ASA classifier exhibit when it receives unicast traffic on an interface that is shared by multiple contexts? (Choose two)
A. It is classified using the destination address of the packet using the routing table.
B. It is classified using the destination address of the packet using the NAT table.
C. It is classified by copying and sending the packet to all the contexts.
D. It is classified using the destination MAC address of the packet.
E. It is classified using the destination address of the packet using the connection table.
Answer: BD
NEW QUESTION 5
Refer to the exhibit. Which configuration prevents R2 from becoming a PIM neighbor with R1?
READ IMAGE — http://www.mcsdbible.com/new-exam-dumps-share-passleader-new-717q-350-018-exam-questions.html
A. access-list 10 deny 192.168.1.2 0.0.0.0
!
Interface gi0/0
ip pim neighbor-filter 10
B. access-list 10 deny 192.168.1.2 0.0.0.0
!
Interface gi0/0
ip pim neighbor-filter 1
C. access-list 10 deny 192.168.1.2 0.0.0.0
!
Interface gi0/0
ip igmp access-group 10
D. access-list 10 permit 192.168.1.2 0.0.0.0
!
Interface gi0/0
ip pim neighbor-filter 10
Answer: A
NEW QUESTION 6
Which statement is true about the PKI deployment using Cisco IOS devices?
A. During the enrollment, CA or RA signs the client certificate request with its public key.
B. RA is capable of publishing the CRLs.
C. Certificate Revocation is not supported by SCEP protocol.
D. RA is used for accepting the enrollment requests.
E. Peers use private keys in their certificates to negotiate IPSec SAs to establish the secure channel.
Answer: D
NEW QUESTION 7
Refer to the exhibit. Which two statements correctly describe the debug output? (Choose two)
READ IMAGE — http://www.mcsdbible.com/new-exam-dumps-share-passleader-new-717q-350-018-exam-questions.html
A. The message is observed on the NHS
B. The NHRP hold time is 3 hours
C. The local non-routable address is 20.10.10.3
D. The message is observed on the NHC
E. The remote routable address is 91.91.91.1
F. The remote VPN address is 180.10.10.1
Answer: DF
NEW QUESTION 8
Which statement about the Cisco Secure ACS Solution Engine TACACS+ AV pair is true?
A. AV pairs are of two types: string and integer.
B. AV pairs must be enabled only on Cisco Secure ACS for successful implementation.
C. AV pairs are only string values.
D. The Cisco Secure ACS Solution Engine does not support accounting AV pairs.
Answer: C
NEW QUESTION 9
Of which IPS application is Event Store a component?
A. MainApp
B. InterfaceApp
C. AuthenticationApp
D. NotificationApp
E. SensorApp
Answer: A
NEW QUESTION 10
When a client attempts to use basic HTTP authentication, which type of HTTP message should the server use?
A. HTTP 302 with an Authenticate header
B. HTTP 200 with a WWW-Authenticate header
C. HTTP 401 with a WWW-Authenticate header
D. HTTP 407
Answer: C
NEW QUESTION 11
In traceroute, which ICMP message indicates that the packet is dropped by a router in the path?
A. Type 3, Code 1
B. Type 11, Code 0
C. Type 5, Code 1
D. Type 3, Code 3
E. Type 11, Code 1
Answer: B
NEW QUESTION 12
……
New 350-018 Exam Questions and Answers Updated Recently (31/May/2016):
NEW QUESTION 685
What protocol is responsible for issuing certificates?
A. SCEP
B. AH
C. GET
D. ESP
E. DTLS
Answer: A
NEW QUESTION 686
Refer to the exhibit. Which statement about the effect of this command is true?
Image URL: examgod.com/plimages/5512ca113422_10297/new-350-018-dumps-6861_thumb.jpg
A. It lists the current protocol-to-port mappings of NBAR.
B. It lists traffic that is packet switched and bypassed by NBAR.
C. It lists the number of packets processed for unknown and unclassified flows.
D. It lists the attributes configured for unknown and unclassified flows.
E. It displays the link age for unknown and unclassified flows.
Answer: D
NEW QUESTION 687
Which four of these attacks or wireless tools can the standard IDS signatures on a wireless LAN controller detect? (Choose four.)
A. long HTTP request
B. SYN flood
C. Deauthorization flood
D. NetStumbler
E. Wellenreiter
F. Association flood
G. AirSnort
H. Fragment Overlap attack
Answer: CDEG
NEW QUESTION 688
What Cisco IOS feature prevents an attacker from filling up the MTU cache for locally generated traffic when using path MTU discovery?
A. Use NetFlow information to export data to a workstation.
B. Force all traffic to send 1280-byte Packets by hard coding the MSS.
C. Enable flow-label marking to track packet destination.
D. Enable flow-label switching to track IPv6 packets in the MPLS cloud.
E. Always use packets of 1500-byte size or larger.
Answer: C
NEW QUESTION 689
What technology can you implement on your network to allow Independent applications to work with IPv6-capable applications?
A. DS-Lite
B. NAT-PT
C. ISATAP
D. NAT 6to4
E. NAT64
Answer: E
NEW QUESTION 690
Which three of these statements about a zone-based policy firewall are correct? (Choose three.)
A. An interface can be assigned to only one security zone.
B. By default, all traffic to and from an interface that belongs to a security zone is dropped unless explicitly allowed in the zone-pair policy.
C. Firewall policies, such as the pass, inspect, and drop actions, can only be applied between two zones.
D. In order to pass traffic between two interfaces that belong to the same security zone, you must configure a pass action using class-default.
E. Traffic cannot flow between a zone member interface and any interface that is not a zone member.
Answer: ACE
NEW QUESTION 691
Refer to the exhibit. What is the maximum number of hops from the device that generated the given output to its BGP neighbor at 4.4.4.4?
Image URL: examgod.com/plimages/5512ca113422_10297/new-350-018-dumps-6911_thumb.jpg
A. 3
B. 252
C. 5
D. 255
E. 2
F. 254
Answer: A
NEW QUESTION 692
Which two statements about 802.1x authentication with port security are true? (Choose two.)
A. If any client causes a security violation, the port is immediately placed in spanning-tree disabled mode.
B. An entry is created in the secure host table for any client that is authenticated and manually configured for port security, even if the table is full.
C. 802.1x manages network access for all authorized MAC addresses.
D. If a client is authenticated and the port security table is full, the oldest client is aged out.
E. If any host causes a security violation, the port is immediately error-disabled.
Answer: BE
NEW QUESTION 693
Refer to the exhibit. Which as-path access-list regular expression should be applied on R2 as a neighbor filter list to only allow updates with an origin of AS 65503?
Image URL: examgod.com/plimages/5512ca113422_10297/new-350-018-dumps-6931_thumb.jpg
A. _65503.?$
B. ^65503 .*
C. 65503
D. _65503_
E. _65503$
F. ^65503$
Answer: B
NEW QUESTION 694
If an ASA device is configured as a remote access IPsec server with RADIUS authentication and password management enabled, which type of authentication will it use?
A. MS-CHAPv2
B. MS-CHAPv1
C. RSA
D. NTLM
E. PAP
Answer: E
NEW QUESTION 695
……
NEW QUESTION 707
Drag and drop the step in the Cisco ASA packet processing flow on the left into the correct order of operations on the right.
Image URL: examgod.com/plimages/5512ca113422_10297/new-350-018-dumps-7071_thumb.jpg
Answer:
Image URL: examgod.com/plimages/5512ca113422_10297/new-350-018-dumps-7072_thumb.jpg
NEW QUESTION 708
……
New 350-018 Exam Questions and Answers Updated Recently (23/Sep/2016):
NEW QUESTION 817
The computer at 10.10.10.4 on your network has been infected by a botnet that directs traffic to a malware site at 168.65.201.120. Assuming that filtering will be performed on a Cisco ASA, what command can you use to block all current and future connections from the infected host?
A. ip access-list extended BLOCK_BOT_OUT deny ip any host 10.10.10.4
B. shun 168.65.201.120 10.10.10.4 6000 80
C. ip access-list extended BLOCK_BOT_OUT deny ip host 10.10.10.4 host 168.65.201.120
D. shun 10.10.10.4 68.65.201.120 6000 80
Answer: B
NEW QUESTION 818
Refer to the exhibit. Which effect of this configuration is true?
Image: examgod.com/plimages/0213cca9c00f_8D01/new-350-018-exam-dumps-8181_thumb.jpg
A. The MSS of TCP SYN packets is set to 1452 bytes and the IP MTU of the interface is set to 1942 bytes
B. The maximum size of TCP SYN+ACK packets passing the transient host is set to 1452 bytes and the IP MTU of the interface is set to 1492 bytes
C. The PMTUD value sets itself to 1452 bytes when the interface MTU is set to 1492 bytes
D. SYN packets carry 1452 bytes in the payload when the Ethernet MTU of the interface is set to 1492 bytes
E. The maximum size of TCP SYN+ACK packets passing the router is set to 452 bytes and the IP MTU of the interface is set to 1492 bytes
Answer: A
NEW QUESTION 819
Refer to the exhibit. Which effect of this configuration is true?
Image: examgod.com/plimages/0213cca9c00f_8D01/new-350-018-exam-dumps-8191_thumb.jpg
A. It configures the node to generate a link-local group report when it joins the solicited-node multicast group
B. It enables local group membership for MLDv1 and MLDv2
C. It enables hosts to send MLD report messages for groups in 224.0.0.0/24
D. It enables MLD query messages for all link-local groups
E. It enables the host to send MLD report messages for nonlink local groups
Answer: C
NEW QUESTION 820
You have configured an ASA firewall in multiple context mode. If the contexts are sharing an interface, what are two of the actions you could take to classify packets to the appropriate context? (Choose two)
A. Enable DHCP
B. Disable MAC auto-generation and adding unique IP addresses to each interface
C. Enable MAC auto-generation globally
D. Assign a unique MAC address to each interface
E. Apply QoS to each interface
Answer: CD
NEW QUESTION 821
Refer to the exhibit. What is the effect of the given configuration?
Image: examgod.com/plimages/0213cca9c00f_8D01/new-350-018-exam-dumps-8211_thumb.jpg
A. It requires the enable password to be authorized by the LOCAL database
B. It allows users to log in with any user name in the LOCAL database
C. It enables management authorization for a user-authenticated RADIUS server
D. Users will be authenticated against the RADIUS servers defined in the adm_net list
E. It allows SSH connections to console login into the ASA
Answer: D
NEW QUESTION 822
What feature enables extended secure access from non-secure physical locations?
A. NEAT
B. 802.1X port-based authentication
C. port security
D. storm-control
E. CBAC
Answer: A
NEW QUESTION 823
What are the two technologies that support AFT? (Choose two)
A. NAT-6to4
B. NAT-PT
C. DNAT
D. NAT64
E. NAT-PMP
F. SNAT
Answer: BD
NEW QUESTION 824
On an ASA firewall in multiple context mode running version 8.X, what is the default number of VPN site-to-site tunnels per context?
A. 2 sessions
B. 4 sessions
C. 1 session
D. 0 sessions
Answer: A
NEW QUESTION 825
Which three statements about Unicast RPF in strict mode and loose mode are true? (Choose three)
A. Inadvertent packet loss can occur when loose mode is used with asymmetrical routing
B. Interfaces in strict mode drop traffic with return routes that point to the Null 0 interface
C. Strict mode requires a default route to be associated with the uplink network interface
D. Loose mode requires the source address to be present in the routing table
E. Both loose and strict modes are configured globally on the router
F. Strict mode is recommended on interfaces that will receive packets only from the same subnet to which the interface is assigned
Answer: BDF
NEW QUESTION 826
……