350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 121:
Drag each ISE probe on the left to the matching statement on the right.
Select and Place:
-
Question 122:
Which two statements about SHA are correct? (Choose two.)
A. Five 32-bit variables are applied to the message to produce the 160-bit hash.
B. The message is split into 64-bit blocks for processing.
C. The message is split into 512-bit blocks for processing.
D. SHA-2 and MD5 both consist of four rounds of processing. -
Question 123:
Which Category to Protocol mapping for NBAR is correct?
A. Category: Enterprise Applications Protocol: Citrix ICA, PCAnywhere, SAP, IMAP
B. Category: Internet Protocol: FTP, HTTP, TFTP
C. Category: Network Management Protocol: ICMP, SNMP, SSH, Telnet
D. Category: Network Mail Services Protocol: MAPI, POP3, SMTP -
Question 124:
Which two statements about PCI DSS are true? (Choose two.)
A. PCI DSS is a US government standard that defines ISP security compliance.
B. PCI DSS is a proprietary security standard that defines a framework for credit, debit, and ATM cardholder information.
C. PCI DSS is a criminal act of cardholder information fraud.
D. One of the PCI DSS objectives is to restrict physical access to credit, debit, and ATM cardholder information.
E. PCI DSS is an IETF standard for companies to protect credit, debit, and ATM cardholder information. -
Question 125:
What are three scanning engine that the Cisco IronPort dynamic vectoring and streaming engine can use to protect against malware? (Choose three)
A. McAfee
B. F-Secure
C. TrendMicro
D. Symantec
E. Webroot
F. Sophos -
Question 126:
Which two ESMTP commands are supported by the ASA inspection engine? (Choose two.)
A. SOML
B. LINK
C. VERB
D. ONEX
E. ETRN
F. ATRN -
Question 127:
Which statement about PVLAN setup is true?
A. The host that is connected to the community port can communicate with a host that is connected to a different community port.
B. The host that is connected to the community port cannot communicate with hosts that are connected to the promiscuous port.
C. The host that is connected to the community port cannot communicate with hosts that are connected to the isolated port.
D. The host that is connected to the community port can only communicate with hosts that are connected to the same community port. -
Question 128:
Refer to the exhibit.
Why is there no encrypted session between host 10.10.10.1 and 20.20.20.1?
A. Incorrect or missing phase 2 configuration on the server.
B. Incorrect or missing Virtual-Template configuration on the server.
C. Incorrect or missing phase 1 configuration on server.
D. Incorrect or missing Virtual-Template configuration on the client.
E. Incorrect or missing group configuration on the server. -
Question 129:
Which statement about ISO/IEC 27001 is true?
A. It is only intended to report security breaches to the management authority
B. It was reviewed by the intermational Electrotechnical Commission
C. It was reviewed by the intermational Organization for Standardization D. It is intended to bring information security under management control
E. It was published by ISO/IEC -
Question 130:
Which two statements about header attacks are true?(Choose two)
A. An attacker can leverage an HTTP response header to inject malicious code into an application
B. An attacker can execute a spoofing attack by populating the RH0 routing header subtype with multiple destination addresses
C. An attacker can use HTTP header attacks to launch a DoS attack
D. An attacker can use IPv6 Next Header attacks to steal user data an launch phishing attacks
E. An attacker can use vulnerabilities in the IPv6 routing header to launch attacks at the application layer
F. An attacker can leverage an HTTP response header to write malicious cookies
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.