1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 131:

    Which three statements are true about the SSH protocol? (Choose three.)

    A. SSH protocol runs over TCP port 23.
    B. SSH protocol provides for secure remote login and other secure network services over an insecure network.
    C. Telnet is more secure than SSH for remote terminal access.
    D. SSH protocol runs over UDP port 22.
    E. SSH transport protocol provides for authentication, key exchange, confidentiality, and integrity.
    F. SSH authentication protocol supports public key, password, host based, or none as authentication methods.

  • Question 132:

    What technology can secure DNS information in IP networks?

    A. a combination of DNS and SSL/TLS
    B. a combination of DNS and IPSec
    C. DNS encryption
    D. DNSSEC

  • Question 133:

    Drag the elements on the left to their corresponding functionality on the right

    Select and Place:

  • Question 134:

    What are three features that are enabled by generating Change of Authorization (CoA) requests in a push model? (Choose three.)

    A. session termination
    B. host reauthentication
    C. session identification
    D. MAC identification
    E. session reauthentication
    F. host termination

  • Question 135:

    Which ICMP message type code indicates that fragment reassembly time has been exceeded?

    A. Type 11, code 0
    B. Type 11, Code 1
    C. Type 12, Code 2
    D. Type 4, Code 0

  • Question 136:

    Which SSL protocol takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit in a TCP segment?

    A. SSL Handshake Protocol
    B. SSL Alert Protocol
    C. SSL Record Protocol
    D. SSL Change CipherSpec Protocol

  • Question 137:

    Which three statements about the RSA algorithm are true? (Choose three.)

    A. The RSA algorithm provides encryption but not authentication.
    B. The RSA algorithm provides authentication but not encryption.
    C. The RSA algorithm creates a pair of public-private keys that are shared by entities that perform encryption.
    D. The private key is never sent across after it is generated.
    E. The public key is used to decrypt the message that was encrypted by the private key.
    F. The private key is used to decrypt the message that was encrypted by the public key.

  • Question 138:

    Which statement is true about the Cisco NEAT 802.1X feature?

    A. The multidomain authentication feature is not supported on the authenticator switch interface.
    B. It allows a Cisco Catalyst switch to act as a supplicant to another Cisco Catalyst authenticator switch.
    C. The supplicant switch uses CDP to send MAC address information of the connected host to the authenticator switch.
    D. It supports redundant links between the supplicant switch and the authenticator switch.

  • Question 139:

    For which router configuration is the attack-drop.sdf file recommended?

    A. Routers with less than 128 MB of memory.
    B. Routers with less than 64 MB of memory.
    C. Routers with at least 128 MB of memory.
    D. Routers with at least 192 MB of memory.
    E. Routers with at least 256 MB of memory.

  • Question 140:

    Which of the following Cisco IPS signature engine has relatively high memory usage?

    A. The STRING-TCP engine
    B. The NORMALIZER engine
    C. The STRING-UDP engine
    D. The STRING-ICMP engine

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.