[Free] 2017(Apr) Ensurepass Testking Cisco 600-199 Latest Dumps 31-40

Ensurepass
2017 April Cisco Official New Released 600-199 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/600-199.html

Securing Cisco Networks with Threat Detection and Analysis

 

QUESTION 31

Refer to the exhibit. Based on the tcpdump output, which two statements are true? (Choose two.)

 

clip_image002

 

A.

The reply is sent via unicast.

B.

All devices in the same subnet on a switched network will see the reply because it was broadcast.

C.

The device is coming up for the first time and is requesting an IP address.

D.

The ARP request is being sent as a broadcast.

E.

The device is requesting an ARP.

F.

Host 192.168.10.7 is requesting the operational status of host 192.168.10.8.

 

Correct Answer: AD

 

 

QUESTION 32

Refer to the exhibit. Which two options does the following tcpdump command do? (Choose two.)

 

clip_image003

 

A.

Read from nvram (non-volatile) and parse the stream.

B.

Capture traffic based on host 10.10.10.10 and HTTP traffic.

C.

Capture traffic based on host 10.10.10.10 and everything but HTTP traffic.

D.

Capture ARP traffic only.

E.

Write the capture as a file.

F.

Read the capture from a file.

 

Correct Answer: CE

 

 

QUESTION 33

What is the maximum size of an IP datagram?

 

A.

There is no maximum size.

B.

It is limited only by the memory on the host computers at either end of the connection and the intermediate routers.

C.

1024 bytes

D.

65535 bytes

E.

32768 bytes

 

Correct Answer: D

 

 

QUESTION 34

The IHL is a 4-bit field containing what measurement?

 

A.

the number of 32-bit words in the IP header

B.

the size of the IP header, in bytes

C.

the size of the entire IP datagram, in bytes

D.

the number of bytes in the IP header

E.

the number of 32-bit words in the entire IP datagram

 

Correct Answer: A

 

 

QUESTION 35

What is the purpose of the TCP SYN flag?

 

A.

to sequence each byte of data in a TCP connection

B.

to synchronize the initial sequence number contained in the Sequence Number header field with the other end of the connection

C.

to acknowledge outstanding data relative to the byte count contained in the Sequence Number header field

D.

to sequence each byte of data in a TCP connection relative to the byte count contained in the Sequence Number header field

 

Correct Answer: B

 

 

QUESTION 36

Refer to the exhibit. What does the tcpdump command do?

 

clip_image005

 

A.

Capture all packets sourced from TCP port 1514, resolve DNS names, print all TCP packets with the SYN flag not equaling 0, and print the Ethernet header and all version information.

B.

Capture all packets sourced from TCP port 1514, resolve DNS names, print all TCP packets except those containing the SYN flag, and print the Ethernet header and all version information.

C.

Capture up to 1514 bytes, do not resolve DNS names, print all TCP packets except for those containing the SYN flag, and print the Ethernet header and be very verbose.

D.

Capture up to 1514 bytes, do not resolve DNS names, print only TCP packets containing the SYN flag, and print the Ethernet header and be very verbose.

 

Correct Answer: D

 

 

QUESTION 37

Refer to the exhibit. In the packet captured from tcpdump, which fields match up with the lettered parameters?

 

clip_image007

 

A.

A.Source and destination IP addresses, B.Source and destination Ethernet addresses, C.Source and destination TCP port numbers, D.TCP acknowledgement number, E.IP options

B.

A.Source and destination Ethernet addresses, B.Source and destination IP addresses, C.Source and destination TCP port numbers, D.TCP sequence number, E.TCP options

C.

A.Source and destination Ethernet addresses, B.Source and destination IP addresses, C.Source and destination TCP port numbers, D.TCP acknowledgement number, E.IP options

D.

A.Source and destination Ethernet addresses, B.Source and destination IP addresses, C.Source and destination TCP port numbers, D.TCP sequence number, E.IP options

 

Correct Answer: B

 

 

QUESTION 38

For TCP and UDP, what is the correct range of well-known port numbers?

 

A.

0 – 1023

B.

1 – 1024

C.

1 – 65535

D.

0 – 65535

E.

024 – 65535

 

Correct Answer: A

 

 

QUESTION 39

Which three symptoms are best used to detect a TCP SYN flood attack? (Choose three.)

 

A.

high memory utilization on target server

B.

large number of sockets in SYN_RECV state on target server

C.

network monitoring devices report large number of unACKed SYNs sent to target server

D.

target server crashes repeatedly

E.

user experience with target server is slow or unresponsive

 

Correct Answer: BCE

 

 

QUESTION 40

Which two statements about the IPv4 TTL field are true? (Choose two.)

 

A.

If the TTL is 0, the datagram is automatically retransmitted.

B.

Each router that forwards an IP datagram reduces the TTL value by one.

C.

It is used to limit the lifetime of an IP datagram on the Internet.

D.

It is used to track IP datagrams on the Internet.

 

Correct Answer: BC

 

100% Free Download!
—Download Free Demo:600-199 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 600-199 Ful
l Exam PDF and VCE
Q&As:269
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com