1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 181:

    What protocol format is illustrated?

    Refer to the exhibit.

    A. IP
    B. ESP
    C. GRE
    D. AH

  • Question 182:

    A Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established. What is the best way to solve this issue?

    A. The IP address that is assigned by the Cisco Easy VPN Server to the client must be on the same network as the local LAN of the client.
    B. The Cisco Easy VPN Server should apply split-tunnel-policy excludespecified with a split-tunnel-list containing the local LAN addresses that are relevant to the client.
    C. The Cisco Easy VPN Server must push down an interface ACL that permits the traffic to the local LAN from the client.
    D. The Cisco Easy VPN Server should apply a split-tunnel-policy tunnelall policy to the client.
    E. The Cisco Easy VPN client machine needs to have multiple NICs to support this.

  • Question 183:

    You have configured an authenticator switch in access mode on a network configured with NEAT. What RADIUS attribute must the ISE server return to change the switch's port mode to trunk?

    A. EAP-Message=switch
    B. Acct-Authentic=RADIUS
    C. device-traffic-class=trunk
    D. Authenticate=Administrative
    E. Framed-Protocol=1
    F. device-traffic-class=switch

  • Question 184:

    Refer to the exhibit.

    You have configured two route-map instances on R1. which passes traffic from switch 1 on both VLAN 1 and VLAN 2 You wish to ensure that * The first route-map instance matches packets from VLAN 1 and sets the next hop to 3232:2/128. * The second route-map instance matches packets from VLAN 2 and sets the next hop to 3232:3/128. What feature can you implement on R1 to make this configuration possible?

    A. BGP next-hop
    B. BGP local-preference
    C. PBR
    D. VSSP
    E. GLBP

  • Question 185:

    Refer to the exhibit.

    Which configuration is required to enable the exporter?

    A. Source Loopback0
    B. Cache timeout active 60
    C. Cache timeout inactive 60
    D. Next-hop address

  • Question 186:

    Refer to the exhibit.

    After setting the replay window size on your Cisco router, you received the given system message. What is the reason for the message?

    A. The replay window size is set too low for the number of packets received.
    B. The IPSec anti-replay feature is enabled, but the window size feature is disabled.
    C. The IPSec anti-replay feature is disabled.
    D. The replay window size is set too high for the number of packets received.

  • Question 187:

    Which two parameters can the HostScan feature scan before users log in? (Choose two)

    A. whether specific files are present
    B. whether a proxy service is configured on a Linux host
    C. whether specific IPv4 and IPv6 addresses are assigned
    D. whether specific certificate authorities are configured
    E. whether a specific keychain entry exists on an OS X host

  • Question 188:

    Drag the step in the SCEP workflow on the left into the correct order of operation on the right.

    Select and Place:

  • Question 189:

    Refer to the exhibit.

    Identify the behavior of the ACL if it is applied inbound on E0/0.

    A. The ACL will drop both initial and noninitial fragments for port 80 only.
    B. The ACL will pass both initial and noninitial fragments for port 80 only.
    C. The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port.
    D. The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.

  • Question 190:

    Which three statements about VXLANs are true? (Choose three.)

    A. It requires that IP protocol 8472 be opened to allow traffic through a firewall.
    B. Layer 2 frames are encapsulated in IP, using a VXLAN ID to identify the source VM.
    C. A VXLAN gateway maps VXLAN IDs to VLAN IDs.
    D. IGMP join messages are sent by new VMs to determine the VXLAN multicast IP.
    E. A VXLAN ID is a 32-bit value.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.