350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 221:
Which statement about VLAN is true?
A. VLAN cannot be routed.
B. VLANs 1006 through 4094 are not propagated by VTP.
C. VLAN1 is a Cisco default VLAN that can be deleted.
D. The extended-range VLANs cannot be configured in global configuration mode. -
Question 222:
What command can you use to display the number of malformed messages received by a OFICP server?
A. show ip dhcp relay information trusted-sources
B. B. show ip dhcp server statistics
C. C. show ip dhcp conflict
D. D. show ip dhcp binding
E. E. show ip dhcp database -
Question 223:
Refer to the exhibit.
Against which type of attack does the given configuration protect?
A. pharming
B. a botnet attack
C. phishing
D. DNS hijacking
E. DNS cache poisoning -
Question 224:
Which option describes the purpose of the RADIUS VAP-ID attribute?
A. It sets the minimum bandwidth for the connection.
B. It identifies the VLAN interface to which the client will be associated.
C. It specifies the WLAN ID of the wireless LAN to which the client belongs.
D. It sets the maximum bandwidth for the connection.
E. It specifies the ACL ID to be matches against the client.
F. It specifies the priority of the client. -
Question 225:
Which two statements about RFC 2827 are true? (Choose two.)
A. RFC 2827 defines egress packet filtering to safeguard against IP spoofing.
B. A corresponding practice is documented by the IEFT in BCP 38.
C. RFC 2827 defines ingress packet filtering for the multihomed network.
D. RFC 2827 defines ingress packet filtering to defeat DoS using IP spoofing.
E. A corresponding practice is documented by the IEFT in BCP 84. -
Question 226:
Which three statements are true about DES? (Choose three.)
A. A 56-bit key is used to encrypt 56-bit blocks of plaintext.
B. A 56-bit key is used to encrypt 64-bit blocks of plaintext.
C. Each block of plaintext is processed through 16 rounds of identical operations.
D. Each block of plaintext is processed through 64 rounds of identical operations.
E. ECB, CBC, and CBF are modes of DES.
F. Each Block of plaintext is processed through 8 rounds of identical operations.
G. CTR, CBC, and OFB are modes of DES. -
Question 227:
In an 802.11 WLAN, which option is the Layer 2 identifier of a basic service set, and also is typically the MAC address of the radio of the access point?
A. BSSID
B. SSID
C. VBSSID
D. MBSSID -
Question 228:
Which four options are valid EAP mechanisms to be used with WPA2? (Choose four.)
A. PEAP
B. EAP-TLS
C. EAP-FAST
D. EAP-TTLS
E. EAPOL
F. EAP-RADIUS
G. EAP-MD5 -
Question 229:
You are preparing Control Plane Protection configurations for implementation on the router, which has the EBGP peering address 1.1.1.2. Which ACL statement can you use to classify the related traffic into the EBGP traffic compartment?
A. permit tcp host 1.1.1.1 gt 1024 host 1.1.1.2 eq bgp permit tcp host 1.1.1.1 eq bgp host 1.1.1.2 gt 1024
B. permit tcp host 1.1.1.2 gt 1024 host 1.1.1.2 eq bgp permit tcp host 1.1.1.2 eq bgp host 1.1.1.2 gt 1024
C. permit tcp host 10.1.1.1 gt 1024 host 10.1.1.2 eq bgp permit tcp host 10.1.1.1 eq bgp host 10.1.1.2 gt 1024
D. permit tcp host 1.1.1.1 gt 1024 host 1.1.1.1 eq bgp permit tcp host 1.1.1.1 eq bgp host 1.1.1.1 gt 1024 -
Question 230:
Which two statements about the OSPF authentication configuration are true? (Choose two.)
A. OSPF authentication is required in area 0.
B. There are three types of OSPF authentication options available.
C. In MD5 authentication, the password is encrypted when it is sent.
D. Null authentication includes the password in clear-text.
E. Type-3 authentication is a clear-text password authentication.
F. In MD5 authentication, the password never goes across the network.
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.