1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 311:

    Which two statements about Network Edge Authentication Technology (NEAT) are true? (Choose two.)

    A. It can be configured on both access ports and trunk ports.
    B. It allows you to configure redundant links between authenticator and supplicant switches
    C. It can be configured on both access ports and EtherChannel ports.
    D. It supports port-based authentication on the authenticator switch.
    E. It conflicts with auto-configuration
    F. It requires a standard ACL on the switch port.

  • Question 312:

    Drag each IPSec term on the left to the definition on the right.

    Select and Place:

  • Question 313:

    What are two characteristics of RPL ,used in loT environments ? (Choose two)

    A. it is distance-vector protocol
    B. it is a Interior Gateway Protocol
    C. it is link-state protocol
    D. it is a hybrid protocol
    E. it is an Exterior Gateway Protocol

  • Question 314:

    What feature on Cisco IOS router enables user identification and authorization based on per-user policies?

    A. NetFlow v9
    B. B.EEM
    C. CBAC
    D. IPSec
    E. zone-based firewall
    F. authentication proxy

  • Question 315:

    Which two statements about NHRP are true? (Choose two.)

    A. NHRP is used for broadcast multi-access networks.
    B. NHRP allows NHC to dynamically learn the mapping of VPN IP to NBMA IP.
    C. NHRP allows NHS to dynamically learn the mapping of VPN IP to BMA IP.
    D. NHC registers with NHS.
    E. Traffic between two NHCs always flows through the NHS.
    F. NHRP provides Layer-2 to Layer-3 address mapping.

  • Question 316:

    What are two benefit of Cisco TrustSec NDAC? (Choose three)

    A. It can protect against rogue network devices.
    B. It enables untrusted devices to acquire trust on the network and negotiate manual keys.
    C. It uses authorization to negotiate keys and the cipher suite for encryption
    D. It uses 802.1X encryption instead of 802.1AE encryption
    E. It can prevent untrusted devices from launching DoS attacks.
    F. It supports 802.1AE-based encryptions with an automatic key.

  • Question 317:

    Which additional configuration component is required to implement a MACSec Key Agreement policy on user-facing Cisco Catalyst switch ports?

    A. PKI
    B. TACACS+
    C. multi-auth host mode
    D. port security
    E. 802.1x

  • Question 318:

    In order to reassemble IP fragments into a complete IP datagram, which three IP header fields are referenced by the receiver? (Choose three.)

    A. don't fragment flag
    B. packet is fragmented flag
    C. IP identification field
    D. more fragment flag
    E. number of fragments field
    F. fragment offset field

  • Question 319:

    What are three of the components of the Cisco PCI solution framework (choose three)

    A. Infrastructure
    B. Risk Assessment
    C. Virtualization
    D. Endpoint
    E. Disaster management
    F. Services

  • Question 320:

    Which two options correctly describe Remote Triggered Black Hole Filtering (RFC 5635)? (Choose two.)

    A. RTBH destination based filtering can drop traffic destined to a host based on triggered entries in the FIB.
    B. RTBH source based filtering will drop traffic from a source destined to a host based on triggered entries in the RIB
    C. Loose uRPF must be used in conjunction with RTBH destination based filtering
    D. Strict uRPF must be used in conjunction with RTBH source based filtering
    E. RTBH uses a discard route on the edge devices of the network and a route server to send triggered route updates
    F. When setting the BGP community attribute in a route-map for RTBH use the no-export community unless BGP confederations are used then use local-as to advertise to sub-as confederations

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.