1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 291:

    How does 3DES use the DES algorithm to encrypt a message?

    A. encrypts a message with K1, decrypts the output with K2, then encrypts it with K3
    B. encrypts a message with K1, encrypts the output with K2, then encrypts it with K3
    C. encrypts K1 using K2, then encrypts it using K3, then encrypts a message using the output key
    D. encrypts a message with K1, encrypts the output with the K2, then decrypts it with K3

  • Question 292:

    Which two statements about NEAT are true? (Choose two.)

    A. NEAT supports standard ACLs on the switch port.
    B. NEAT is not supported on an EtherChannel port.
    C. NEAT should be deployed only with autoconfiguration.
    D. NEAT uses CISP (Client Information Signaling Protocol) to propagate client IP address.
    E. NEAT is supported on an EtherChannel port.

  • Question 293:

    What IP protocol number is used in the protocol field of an IPv4 header, when IPv4 is used to tunnel IPv6 packets?

    A. 6
    B. 27
    C. 41
    D. 47
    E. 51

  • Question 294:

    Which three statements are true about TLS? (Choose three.)

    A. TLS protocol uses a MAC to protect the message integrity.
    B. TLS data encryption is provided by the use of asymmetric cryptography.
    C. The identity of a TLS peer can be authenticated using public key or asymmetric cryptography.
    D. TLS protocol is originally based on the SSL 3.0 protocol specification.
    E. TLS provides support for confidentiality, authentication, and nonrepudiation.

  • Question 295:

    When you configure an ASA with RADIUS authentication and authorization, which attribute is used to differentiate user roles?

    A. cisco-priv-level
    B. service-type
    C. termination-action
    D. tunnel-type
    E. login-ip-host

  • Question 296:

    Which three statements are true about objects and object groups on a Cisco ASA appliance that is running Software Version 8.4 or later? (Choose three.)

    A. TCP, UDP, ICMP, and ICMPv6 are supported service object protocol types.
    B. IPv6 object nesting is supported.
    C. Network objects support IPv4 and IPv6 addresses.
    D. Objects are not supported in transparent mode.
    E. Objects are supported in single- and multiple-context firewall modes.

  • Question 297:

    A device is sending a PDU of 5000 B on a link with an MTU of 1500 B. If the PDU includes 20 B of IP header, which statement is true?

    A. The first three packets will have a packet payload size of 1400.
    B. The last packet will have a payload size of 560.
    C. The first three packets will have a packet payload size of 1480.
    D. The last packet will have a payload size of 20.

  • Question 298:

    Refer to the exhibit.

    Which option describes the behavior of the ACL if it is applied inbound on E0/0?

    A. The ACL will drop both initial and noninitial fragments for port 80 only.
    B. The ACL will pass both initial and noninitial fragments for port 80 only.
    C. The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port.
    D. The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.

  • Question 299:

    Refer to the exhibit.

    Which message of the ISAKMP exchange is failing?

    A. main mode 1
    B. main mode 3
    C. aggressive mode 1
    D. main mode 5
    E. aggressive mode 2

  • Question 300:

    Which protocol provides the same functions in IPv6 that IGMP provides in IPv4 networks?

    A. ICMPv6
    B. ND
    C. MLD
    D. TLA

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.