1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 661:

    Which statement correctly describes a botnet filter category?

    A. Unlisted addresses: The addresses are malware addresses that are not identified by the dynamic database and are hence defined statically.
    B. Ambiguous addresses: In this case, the same domain name has multiple malware addresses but not all the addresses are in the dynamic database. These addresses are on the graylist.
    C. Known malware addresses: These addresses are identified as blacklist addresses in the dynamic database and static list.
    D. Known allowed addresses: These addresses are identified as whitelist addresses that are bad addresses but still allowed.

  • Question 662:

    In traceroute, which ICMP message indicates the packet is dropped by a router in the path?

    A. Type 3, Code 3
    B. Type 11, Code 0
    C. Type 5, Code 1
    D. Type 3, Code 1
    E. Type 11, Code 1

  • Question 663:

    Drag each IPS Signature Engine on the left to the matching description on the right

    Select and Place:

  • Question 664:

    Refer to the exhibit.

    Which three command sets are required to complete this IPv6 IPsec site-to-site VTI? (Choose three.)

    A. interface Tunnel0 tunnel mode ipsec ipv6
    B. crypto isakmp-profile match identity address ipv6 any
    C. interface Tunnel0 ipv6 enable
    D. ipv6 unicast-routing
    E. interface Tunnel0 ipv6 enable-ipsec

  • Question 665:

    Refer to the exhibit.

    Which three statements are true? (Choose three.)

    A. Because of a "root delay" of 0ms, this router is probably receiving its time directly from a Stratum 0 or 1 GPS reference clock.
    B. This router has correctly synchronized its clock to its NTP master.
    C. The NTP server is running authentication and should be trusted as a valid time source.
    D. Specific local time zones have not been configured on this router.
    E. This router will not act as an NTP server for requests from other devices.

  • Question 666:

    Which three statements about Cisco Flexible NetFlow are true? (Choose three.)

    A. The packet information used to create flows is not configurable by the user.
    B. It supports IPv4 and IPv6 packet fields.
    C. It tracks all fields of an IPv4 header as well as sections of the data payload.
    D. It uses two types of flow cache, normal and permanent.
    E. It can be a useful tool in monitoring the network for attacks.

  • Question 667:

    Using Cisco IOS, which two object-group options will permit networks 10.1.1.0/24 and 10.1.2.0/24 to host 192.168.5.1 port 80 and 443? (Choose 2.)

    A. object-group network SOURCE range 10.1.1.0 10.1.2.255 object-group network DESTINATION host 192.168.5.1 object-group service HTTP tcp eq www tcp eq 443 tcp source gt 1024 ! access-list 101 permit object-group HTTP object-group SOURCE object-group DESTINATION
    B. object-group network SOURCE 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255 object-group network DESTINATION host 192.168.5.1 object-group service HTTP tcp eq www tcp eq 443 ! ip access-list extended ACL-NEW permit object-group SOURCE object-group DESTINATION object-group HTTP
    C. object-group network SOURCE 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0 object-group network DESTINATION host 192.168.5.1 object-group service HTTP tcp eq www tcp eq 443 ! ip access-list extended ACL-NEW permit object-group SOURCE object-group DESTINATION object-group HTTP
    D. object-group network SOURCE 10.1.1.0 255.255.255.0 10.1.2.0 255.255.255.0 object-group network DESTINATION host 192.168.5.1 object-group service HTTP tcp eq www tcp eq 443 tcp source gt 1024 ! ip access-list extended ACL-NEW permit object-group HTTP object-group SOURCE object-group DESTINATION

  • Question 668:

    Refer to the exhibit.

    Which message could contain an authenticated initial_contact notify during IKE main mode negotiation?

    A. message 3
    B. message 5
    C. message 1
    D. none, initial_contact is sent only during quick mode
    E. none, notify messages are sent only as independent message types

  • Question 669:

    The Wi-Fi Alliance defined two certification programs, called WPA and WPA2, which are based on the IEEE 802.11i standard. Which three statements are true about these certifications? (Choose three.)

    A. WPA is based on the ratified IEEE 802.11i standard.
    B. WPA2 is based on the ratified IEEE 802.11i standard.
    C. WPA enhanced WEP with the introduction of TKIP.
    D. WPA2 requires the support of AES-CCMP.
    E. WPA2 supports only 802.1x/EAP authentication.

  • Question 670:

    Refer to the exhibit. Which effect of this configuration is true?

    A. Host_1 learns about R1,R2 and R3 and prefers R2 as its default router.
    B. Host_1 learns about R2,R3 only and R3 and prefers R3 as its default router.
    C. Host_1 selects R2 as its default router and load balances between R2 and R3.
    D. Host_1 learns about R1,R2 and R3 and load balances between them.
    E. Host_1 learns about R2,R3 only and R3 and prefers R2 as its default router.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.