350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 371:
Which IPv4 header field usually increments for each subsequent packet sent?
A. Flag
B. Fragment Offset
C. Identification
D. Time To Live -
Question 372:
Refer to the exhibit.
Which command caused the above messages?
A. Neighbor 101.0.0.1 maximum-prefix 500 80 warning-only.
B. Neighbor 101.0.0.1 maximum-prefix 500 90.
C. Neighbor 101.0.0.1 maximum-prefix 500 70.
D. Neighbor 101.0.0.1 maximum-prefix 500 70 warning-only. -
Question 373:
Which MAC address control command enables usage monitoring for a CAM table on a switch?
A. mac-address-table synchronize
B. mac-address-table limit
C. mac-address-table secure
D. mac-address-table notification threshold
E. mac-address-table learning -
Question 374:
Which PKCS is invoked during IKE MM5 and MM6 when digital certificates are used as the authentication method?
A. PKCS#7
B. PKCS#10
C. PKCS#13
D. PKCS#11
E. PKCS#3 -
Question 375:
Which two network protocols can operate on the application layer? (Choose two)
A. UDP
B. TCP
C. SMB
D. DNS
E. DCCP
F. NetBIOS -
Question 376:
What feature on the Cisco ASA is used to check for the presence of an up-to-date antivirus vendor on an AnyConnect client?
A. Dynamic Access Policies with no additional options
B. Dynamic Access Policies with Host Scan enabled
C. advanced endpoint assessment
D. LDAP attribute maps obtained from Antivirus vendor -
Question 377:
Which option is an example of network reconnaissance attack?
A. botnets
B. ping of death
C. SYN flooding
D. inverse mapping -
Question 378:
Which two statements about the Cisco AnyConnect client Trusted Network Detection feature are true? (Choose two.)
A. The feature relies only on the DNS server list to detect whether the client machine is in a trusted or untrusted network.
B. An attacker can theoretically host a malicious DHCP server and return data that triggers the client to believe that it resides in a trusted network.
C. If an attacker knows the DNS server value that is configured in the Cisco AnyConnect profile and provisions the DHCP server to return both a real and spoofed value, then Cisco AnyConnect considers the endpoint to be in an untrusted network.
D. The feature does not provide AnyConnect ability to automatically establish VPN connection when the user is outside the trusted network. -
Question 379:
Which two statements about PVLAN port types are true ? (Choose two)
A. A promiscuous port can send traffic to all ports within a broadcast domain
B. An isolated port can receive traffic t from promiscuous ports in any community on its Broadcast domain, but can send traffic only to ports in its own community
C. An isolated port can send and receive traffic only to and from promiscuous ports
D. A community port can send traffic to promiscuous ports in other communities its Broadcast domain
E. A community port can send traffic to community ports in other communities its Broadcast domain
F. A promiscuous can send traffic to to community ports in other Broadcast domainS -
Question 380:
Which statement about the AH is true?
A. AH authenticates only the data.
B. AH authenticates only the IP header.
C. AH authenticates only the TCP-UDP header.
D. AH authenticates the entire packet and any mutable fields.
E. AH authenticates the entire packet except for any mutable fields.
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.