1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 511:

    Which object table contains informations about the clients know to the server in Cisco NHRP MIB implementation?

    A. NHRP Server NHC Table
    B. NHRP Client Statistics Table
    C. NHRP Cache Table
    D. NHRP Purge Request Table

  • Question 512:

    When configuring an Infrastructure ACL (iACL) to protect the IPv6 infrastructure of an enterprise network, where should the iACL be applied??

    A. all infrastructure devices in both the inbound and outbound direction
    B. all infrastructure devices in the inbound direction
    C. all infrastructure devices in the outbound direction
    D. all parameter devices in both the inbound and outbound direction
    E. all parameter devices in the inbound direction
    F. all parameter devices in the outbound direction

  • Question 513:

    Hierarchical priority queuing is used on the interfaces on which you enable a traffic-shaping queue. Which two statements about hierarchical priority queuing are true? (Choose two.)

    A. Priority packets are never dropped from the shape queue unless the sustained rate of priority traffic exceeds the shape rate.
    B. For IPsec-encrypted packets, you can match traffic based only on the DSCP or precedence setting.
    C. IPsec over TCP is not supported for priority traffic classification.
    D. For IPsec-encrypted packets, you cannot match traffic based on the DSCP or precedence setting.
    E. IPsec over TCP is supported for priority traffic classification.

  • Question 514:

    Which three actions are advisable when implementing desktop security? (Choose three.)

    A. Installing and maintaining anti-virus/anti-malware software
    B. Educating users on the danger of opening files and attachments from un-trusted sources
    C. Statically defining user password based on information like employee ID number to reduce incidence of forgotten passwords
    D. Configuring multiple local network DHCP servers
    E. Staying up to date with operating system patches and updates
    F. Configuring client firewalls to automatically disable during business hours as not to impact production traffic and applications

  • Question 515:

    Which type of PVLAN ports can communicate among themselves and with the promiscuous port?

    A. isolated
    B. community
    C. primary
    D. secondary
    E. protected

  • Question 516:

    Refer to the exhibit.R1 and R2 are failing to establish a BGP neighbor relationship. What is a Possible reason for the problem?

    A. The neighbor remote-as command on R2 uses an incorrect AS number.
    B. The BGP timers on R1 and R2 are different.
    C. R2 is configured with a private AS.
    D. The no synchronization command is missing from R1’S configuration.
    E. The dbgp-multihop values on R1 and R2 are different.
    F. The no auto-summary command is missing from R2’S configuration.

  • Question 517:

    Which two are valid SMTP commands, according to RFC 821? (Choose two.)

    A. EHLO
    B. HELO
    C. RCPT
    D. AUTH

  • Question 518:

    Which two statements about Cisco MQC are true? (Choose two)

    A. It can classify Layer 2 Packets from legacy protocols
    B. By default, its uses match-any matching
    C. A packet can match only one traffic class within an individual traffic policy
    D. It allows you to link multiple traffic policies to a single traffic class.
    E. Unclassified traffic is queued in a FIFO queue to be managed by the match not command configuration
    F. It can handle Layer2 packets from legacy protocol without classifying them.

  • Question 519:

    Which two statements about the IPv6 OSPFv3 authentication Trailer are true (choose two)

    A. The AT-bit resides in the OSPFv3 Header field
    B. The IPv6 Payload length includes the length of the authentication Trailer
    C. It Provide an alternative option to OSPFv3 IPsec authentication
    D. The AT-bit must be set only in OSPFv3 Hello packets that include an Authentication Trailer
    E. The AT-bit must be set only in OSPFv3 Database Description packets that include an Authentication Trailer
    F. The OSPFv3 packet length includes the length of the Authentication Trailer

  • Question 520:

    Which statement is correct about the Cisco IOS Control Plane Protection feature?

    A. Control Plane Protection is restricted to the IPv4 or IPv6 input path.
    B. Traffic that is destined to the router with IP options will be redirected to the host control plane.
    C. Disabling CEF will remove all active control-plane protection policies. Aggregate control- plane policies will continue to operate.?
    D. The open-port option of a port-filtering policy allows access to all TCP/UDP based services that are configured on the router.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.