350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 31:

    When the RSA algorithm is used for signing a message from Alice to Bob, which statement best describes that operation?

    A. Alice signs the message with her private key, and Bob verifies that signature with Alice's public key.
    B. Alice signs the message with her public key, and Bob verifies that signature with Alice's private key.
    C. Alice signs the message with Bob's private key, and Bob verifies that signature with his public key.
    D. Alice signs the message with Bob's public key, and Bob verifies that signature with his private key.
    E. Alice signs the message with her public key, and Bob verifies that signature with his private key.
    F. Alice signs the message with her private key, and Bob verifies that signature with his public key.

  • Question 32:

    Drag each step in the configuration of a Cisco ASA NSEL export to a NetFlow collector on the left into the correct order of operations on the right.

    Select and Place:

  • Question 33:

    Which two values must you configure on the Cisco ASA firewall to support FQDN ACL?(Choose two.)

    A. a DNS server
    B. a policy map
    C. an FQDN object
    D. a service object
    E. a class map
    F. a service policy

  • Question 34:

    Which three authentication methods does the Cisco IBNS Flexible Authentication feature support? (Choose three.)

    A. cut-through proxy
    B. dot1x
    C. MAB
    D. SSO
    E. web authentication

  • Question 35:

    Which three routing characteristics are relevant for DMVPN Phase 3? (Choose three.)

    A. Hubs must not preserve the original IP next-hop.
    B. Hubs must preserve the original IP next-hop.
    C. Split-horizon must be turned off for RIP and EIGRP.
    D. Spokes are only routing neighbors with hubs.
    E. Spokes are routing neighbors with hubs and other spokes.
    F. Hubs are routing neighbors with other hubs and must use the same routing protocol as that used on hub-spoke tunnels.

  • Question 36:

    What are two enhancements in WCCP V2.0 over WCCP V1.0? (Choose two.)

    A. support for HTTP redirection
    B. multicast support
    C. authentication support
    D. IPv6 support
    E. encryption support

  • Question 37:

    Which two answers describe provisions of the SOX Act and its international counterpart Acts? (Choose two.)

    A. confidentiality and integrity of customer records and credit card information
    B. accountability in the event of corporate fraud
    C. financial information handled by entities such as banks, and mortgage and insurance brokers
    D. assurance of the accuracy of financial records
    E. US Federal government information
    F. security standards that protect healthcare patient data

  • Question 38:

    Which of these configurations shows how to configure MPP when only SSH, SNMP, and HTTP are allowed to access the router through the Gigabit Ethernet 0/3 interface and only HTTP is allowed to access the router through the Gigabit Ethernet 0/2 interface?

    A. Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh snmp Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http
    B. Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh tftp snmp Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http
    C. Router(config-cp-host)# management-interface GigabitEthernet 0/3 allow http ssh snmp Router(config-cp-host)# management-interface GigabitEthernet 0/2 allow http ssh
    D. Router(config-cp-host)# management-interface GigabitEthernet 0/3 http ssh snmp Router(config-cp-host)# management-interface GigabitEthernet 0/2 http

  • Question 39:

    According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?

    A. Allow only POST requests.
    B. Mark all cookies as HTTP only.
    C. Use per-session challenge tokens in links within your web application.
    D. Always use the "secure" attribute for cookies.
    E. Require strong passwords.

  • Question 40:

    Which two statements about the AES algorithm are true? (Choose two)

    A. The AES algorithm is an asymmetric block cipher.
    B. The AES algorithm operates on a 128-bits block.
    C. The AES algorithm uses a fixed length-key of 128 bits.
    D. The AES algorithm does not give any advantage over 3DES due to the same key length.
    E. The AES algorithm consist of four functions. Three functions provide confusion-diffusion and one provides encryption.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.