350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 641:
Which VTP mode allows the Cisco Catalyst switch administrator to make changes to the VLAN configuration that only affect the local switch and are not propagated to other switches in the VTP domain?
A. transparent
B. server
C. client
D. local
E. pass-through -
Question 642:
Refer to the exhibit Which command caused the above messages?
A. neighbor 101.0.0.1 maximun-prefix 500 70 warning-only
B. neighbor 101.0.0.1 maximun-prefix 500 70
C. neighbor 101.0.0.1 maximun-prefix 500 80 warning-only
D. neighbor 101.0.0.1 maximun-prefix 500 90 -
Question 643:
What are two protocols that HTTP can use to secure sessions? (Choose two.)
A. AH
B. AES
C. SSL
D. HTTPS
E. TLS -
Question 644:
Which statement about the Cisco ASA operation running versions 8.3 is true?
A. The interface and global access lists both can be applied in the input or output direction.
B. NAT control is enabled by default.
C. The interface access list is matched first before the global access lists.
D. The static CLI command is used to configure static NAT translation rules. -
Question 645:
Which statement correctly describes a category for the ASA Botnet Traffic Filter feature?
A. Unlisted addresses: The addresses are malware addresses that are not identified by the dynamic database and are hence defined statically.
B. Ambiguous addresses: In this case, the same domain name has multiple malware addresses. These addresses are on the graylist.
C. Known malware addresses: These addresses are identified as blacklist addresses in the dynamic database and static list.
D. Known allowed addresses: These addresses are identified as whitelist addresses that are bad addresses but still allowed. -
Question 646:
What are two advantages of NBAR2 over NBAR? (Choose two)
A. Only NBAR2 allows the administrator to apply individual PDL flies
B. Only NBAR2 supports custom protocols based on HTTP URLS
C. Only NBAR2 supports PDLM to support new protocols
D. Only NBAR2 supports Flexible NetFlow for extracting and exporting fields from the Packet header
E. Only NBAR2 can use Sampled NetFlow to extract pre-defined packet headers for reporting -
Question 647:
Refer to the exhibit.
What is the cause of the issue that is reported in this debug output?
A. The identity of the peer is not acceptable.
B. There is an esp transform mismatch.
C. There are mismatched ACLs on remote and local peers.
D. The SA lifetimes are set to 0. -
Question 648:
Which spanning-tree mode supports a separate spanning-tree instance for each VLAN and also supports the 802.1w standard that has a faster convergence than 802.1D?
A. PVST+
B. PVRST+
C. PVST
D. CST
E. MST
F. RST -
Question 649:
What is the commonly known name for the process of generating and gathering initialization vectors, either passively or actively, for the purpose of determining the security key of a wireless network?
A. WEP cracking
B. session hijacking
C. man-in-the-middle attacks
D. disassociation flood frames -
Question 650:
Which three statements about NetFlow version 9 are correct? (Choose three.)
A. It is backward-compatible with versions 8 and 5.
B. Version 9 is dependent on the underlying transport; only UDP is supported.
C. A version 9 export packet consists of a packet header and flow sets.
D. Generating and maintaining valid template flow sets requires additional processing.
E. NetFlow version 9 does not access the NetFlow cache entry directly.
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.