1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 341:

    Which would be the best method to deploy on a Cisco ASA to detect and prevent viruses and worms?

    A. deep packet inspection
    B. content security via the Control Security Services Module
    C. Unicast Reverse Path Forwarding
    D. IP audit signatures

  • Question 342:

    Refer to the exhibit What is the meaning of the given error message?

    A. The PFS groups are mismatched
    B. IKES disabled on the remote peer
    C. The pre-shared keys are mismatched
    D. The mirrored crypto ACLs are mismatched

  • Question 343:

    Which option describes the main purpose of EIGRP authentication?

    A. to authenticate peers
    B. to allow faster convergence
    C. to provide redundancy
    D. to avoid routing table corruption

  • Question 344:

    Refer to the exhibit.

    Which route will be advertised by the Cisco ASA to its OSPF neighbors?

    A. 10.39.23.0/24
    B. 10.40.29.0/24
    C. 10.66.42.215/32
    D. 10.40.29.0/24

  • Question 345:

    Which IPv6 tunnel type is a standard that is defined in RFC 4214?

    A. ISATAP
    B. 6to4
    C. GREv6
    D. manually configured

  • Question 346:

    Which two statements about 802.1x authentication with port security are true? (Choose two.)

    A. If any client causes a security violation, the port is immediately placed in spanning-tree disabled mode.
    B. An entry is created in the secure host table for any client that is authenticated and manually configured for port security, even if the table is full.
    C. 802.1x manages network access for all authorized MAC addresses.
    D. If a client is authenticated and the port security table is full, the oldest client is aged out.
    E. If any host causes a security violation, the port is immediately error-disabled.

  • Question 347:

    Which two statements about the anti-replay feature are true? (Choose two)

    A. By default, the receiver uses a single 64-packet sliding window.
    B. The replay error counter is incremented only when a packet is dropped.
    C. The receiver performs a hash of each packet in the window to detect replays.
    D. The sender assigns two unique sequence numbers to each encrypted packet.
    E. The sender assigns two unique sequence numbers to each clear-text packet.
    F. By default, the sender uses a single 1024-packet sliding window.

  • Question 348:

    What are two functions that ESMTP application inspection provides when enabled on the ASA? (Choose two.)

    A. It supports both SMTP and ESMTP sessions.
    B. It generates an audit trail when it rejects invalid commands.
    C. it protects the network from SMTP application inspection and phishing attacks
    D. It supports private extensions.
    E. It scans MAIL and RCPT commands for invalid characters and other anomalies.
    F. It supports extended SMTP commands, such as ONEX, and VERB.

  • Question 349:

    Which three statements are true regarding the EIGRP update message? (Choose three.)

    A. Updates require an acknowledgement with an ACK message.
    B. Updates can be sent to the multicast address 224.0.0.10.
    C. Updates are sent as unicasts when they are retransmitted.
    D. Updates always include all routes known by the router with partial updates sent in the Reply message.
    E. ACKs for updates are handled by TCP mechanisms.

  • Question 350:

    Drag from left to right on correct action.

    Select and Place:

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.