1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 381:

    Refer to the exhibit.

    Which two items are not encrypted by ESP in tunnel mode? (Choose two)

    A. ESP header
    B. ESP trailer
    C. Original IP header
    D. Data
    E. TCP-UDP header
    F. Authentication Data

  • Question 382:

    A cloud service provider is designing a large mulitienant data center to support thousands of tensants. The provider is concerned about the scalability the layer 2 network and providing layer 2 segmentation to potentially thousands of tenants . Which layer 2 technology is best suited in this scenario?

    A. extended VLAN ranges
    B. VXLAN
    C. VRF
    D. LDP

  • Question 383:

    Drag each goal of PCI DS5 on the left to the corresponding PCI DSS requirement on the right.

    Select and Place:

  • Question 384:

    Which statement about DHCP is true?

    A. DHCP uses TCP port 68 and 67
    B. The DHCPDiscover packet is a broadcast message C. The DHCPRequest is a unicast message.
    D. The DHCPOffer packet is sent from the DHCP client

  • Question 385:

    Which statement about Storm Control implementation on a switch is true?

    A. Storm Control does not prevent disruption due to unicast traffic.
    B. Storm Control is implemented as a global configuration.
    C. Storm Control uses the bandwidth and rate at which a packet is received to measure the activity.
    D. Storm Control uses the bandwidth and rate at which a packet is dispatched to measure the activity.
    E. Storm Control is enabled by default.

  • Question 386:

    Refer to the exhibit.

    Which option describes the behavior of this configuration?

    A. Traffic from the n2 network object to the inside network will be translated using the n1 network object.
    B. Traffic from the n1 network object to the outside network will be translated using the n2 network object.
    C. Traffic from the n2 network object to the outside network will be translated using the n1 network object.
    D. Traffic from the n2 network object to the outside network will be translated using the n2 network object.

  • Question 387:

    Which three statements are true regarding Security Group Tags? (Choose three.)

    A. When using the Cisco ISE solution, the Security Group Tag gets defined as a separate authorization result.
    B. When using the Cisco ISE solution, the Security Group Tag gets defined as part of a standard authorization profile.
    C. Security Group Tags are a supported network authorization result using Cisco ACS 5.x.
    D. Security Group Tags are a supported network authorization result for 802.1X, MAC Authentication Bypass, and WebAuth methods of authentication.
    E. A Security Group Tag is a variable length string that is returned as an authorization result.

  • Question 388:

    Which three statements are true about the transparent firewall mode in Cisco ASA? (Choose three.)

    A. The firewall is not a routed hop.
    B. The firewall can connect to the same Layer 3 network on its inside and outside interfaces.
    C. Static routes are supported.
    D. PAT and NAT are not supported.
    E. Only one global address per device is supported for management.
    F. SSL VPN is supported for management.

  • Question 389:

    What is the default communication port used by RSA SDI and ASA?

    A. UDP 5500
    B. UDP 848
    C. UDP 500
    D. UDP 4500

  • Question 390:

    Which three multicast features are supported on the Cisco ASA? (Choose three.)

    A. PIM sparse mode?
    B. IGMP forwarding?
    C. Auto-RP
    D. NAT of multicast traffic?

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.