1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 431:

    Which three NAT types support bidirectional traffic initiation? (Choose three.)

    A. static NAT
    B. NAT exemption
    C. policy NAT with nat/global
    D. static PAT
    E. identity NAT

  • Question 432:

    error: % Invalid input detected at '^' marker.

    Above error is received when generating RSA keys for SSH access on a router using the crypto key generate rsa command. What are the reasons for this error? (Choose two.)

    A. The hostname must be configured before generating RSA keys.
    B. The image that is used on the router does not support the crypto key generate rsa command.
    C. The command has been used with incorrect syntax.
    D. The crypto key generate rsa command is used to configure SSHv2, which is not supported on Cisco IOS devices.

  • Question 433:

    Which two statements correctly describe ASA resource management in multiple context mode? (Choose two.)

    A. The class sets the resource maximum limit for a context to which it belongs.
    B. A resource cannot be oversubscribed or set to be unlimited in the class.
    C. The resource limit can only be set as a percentage in the class and not as an absolute value.
    D. Context belongs to a default class if not assigned to any other class.
    E. The default class provides unlimited access for all the resources.

  • Question 434:

    Which option is representative of automatic IP addressing in IPv4?

    A. 10.1.x.x
    B. 172.10.1.x
    C. 169.254.x.x
    D. 196.245.x.x
    E. 128.1.1.x
    F. 127.1.x.x

  • Question 435:

    Refer to the exhibit.

    What service is enabled on the router for a remote attacker to obtain this information?

    A. TCP small services
    B. finger
    C. maintenance operation protocol
    D. chargen
    E. Telnet
    F. CEF

  • Question 436:

    Which command is required in order for the Botnet Traffic Filter on the Cisco ASA appliance to function properly?

    A. dynamic-filter inspect tcp/80
    B. dynamic-filter whitelist
    C. inspect botnet
    D. inspect dns dynamic-filter-snoop

  • Question 437:

    Which two statements about the IPv6 OSPFv3 authentication Trailer are true (choose two)

    A. The AT-bit resides in the OSPFv3 Header field
    B. The IPv6 Payload length includes the length of the authentication Trailer
    C. It Provide an alternative option to OSPFv3 IPsec authentication
    D. The AT-bit must be set only in OSPFv3 Hello packets that include an Authentication Trailer
    E. The AT-bit must be set only in OSPFv3 Database Description packets that include an Authentication Trailer
    F. The OSPFv3 packet length includes the length of the Authentication Trailer

  • Question 438:

    Which two features are supported in CBAC on IPv6? (Choose two.)

    A. Intrusion Detection System inspection
    B. inspection of encrypted packets
    C. inspection of tunneled packets in transit
    D. inspection of packets on nonstandard ports
    E. inspection of fragmented packets

  • Question 439:

    Which statement is true about the TFTP protocol?

    A. The client is unable to get a directory listing from the server.
    B. The client is unable to create a new file on a server.
    C. The client needs to log in with a username and password.
    D. The client needs to log in using "anonymous" as a username and specifying an email address as a password.

  • Question 440:

    What will the receiving router do when it receives a packet that is too large to forward, and the DF bit is not set in the IP header?

    A. Drop the packet, and send the source an ICMP packet, indicating that the packet was too big to transmit.
    B. Fragment the packet into segments, with all segments having the MF bit set.
    C. Fragment the packet into segments, with all except the last segment having the MF bit set.
    D. Fragment the packet into segments, with all except the first segment having the MF bit set.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.