350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 721:
Which two statements about PVLAN port types are true? (Choose two)
A. An isolated port can send and receive traffic only to and from promiscuous ports
B. Community port can send traffic to promiscuous ports in other communities on its broadcast domain
C. A community port can send traffic to community ports in other communities on its broadcast domain
D. An isolated port can receive traffic from promiscuous port in any community on its broadcast, but can send traffic only to port in its own community
E. A promiscuous port can send traffic to community ports in other broadcast domains.
F. A promiscuous port can send traffic to all ports within a broadcast domain. -
Question 722:
Which three of these are true statements about TLS? (Choose three.)
A. It can be used to secure SIP.
B. It allows for client authentication via certificates.
C. If a third-party (man-in-the-middle) observes the entire handshake between client and server, the third-party can decrypt the encrypted data that passes between them.
D. It is a secure protocol encapsulated within SSL.
E. It is a more recent version of SSL.
F. It cannot be used for HTTPS. -
Question 723:
Which two statements about the IPv6 Hop-by-Hop Options extension header (EH) are true?(Choose two)
A. The Hop-by-Hop EH is processed in hardware by all intermediate network devices.
B. The Hop-by-Hop extension header is processed by the CPU by network devices.
C. The Hop-by-Hop EH is encrypted by the Encapsulating Security Header.
D. If present, the Hop-by-Hop EH must fllow the Mobility EH.
E. If present,network devices must process the Hop-by-Hop EH first.
F. The Hop-by-Hop EH is processed in hardware at the source and the destination devices only. -
Question 724:
Which item is not authenticated by ESP?
A. ESP header
B. ESP trailer
C. New IP header
D. Original IP header
E. Data
F. TCP-UDP header -
Question 725:
Refer to the exhibit.
Which set of commands is required on an ASA to fix the problem that the exhibit shows?
A. ciscoasa(config)# webvpn ciscoasa(config-webvpn)# enable ciscoasa(config)# webvpn
B. ciscoasa(config-webvpn)#anyconnect enable ciscoasa(config)# webvpn ciscoasa(config-webvpn)# enable
C. ciscoasa(config-webvpn)# anyconnect enable ciscoasa(config)# webvpn
D. ciscoasa(config-webvpn)#anyconnect enable ciscoasa(config-webvpn)#anyconnect image 1 -
Question 726:
During a computer security forensic investigation, a laptop computer is retrieved that requires content analysis and information retrieval. Which file system is on it, assuming it has the default installation of Microsoft Windows Vista operating system?
A. HSFS
B. WinFS
C. NTFS
D. FAT
E. FAT32 -
Question 727:
What is the purpose of the SPI field in an IPsec packet?
A. identifies a transmission channel
B. provides anti-replay protection
C. ensures data integrity
D. contains a shared session key -
Question 728:
Refer to the exhibit. What type of attack is represented in the given Wireshark packet capture?
A. a SYN flood
B. B. spoofing
C. C.a duplicate ACK
D. D.TCP congestion control
E. E. a shrew attack -
Question 729:
Which three configuration tasks are required for VPN clustering of AnyConnect clients that are connecting to an FQDN on the Cisco ASA?? (Choose three.)
A. The redirect-fqdn command must be entered under the vpn load-balancing sub- configuration.
B. Each ASA in the VPN cluster must be able to resolve the IP of all DNS hostnames that are used in the cluster?.
C. The identification and CA certificates for the master FQDN hostname must be imported into each VPN cluster-member device?.
D. The remote-access IP pools must be configured the same on each VPN cluster-member interface. -
Question 730:
From what type of server can you to transfer files to ASA's internal memory ?
A. SSH
B. Netlogon
C. SFTP
D. SMB
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.