350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 741:
Drag each OSPF security feature on the left to its description on the right.
Select and Place:
-
Question 742:
You have discovered that a router on your network is experiencing high CPU when management server 10.11.10.12 queries OID IIdpMIB. Assuming management stations access to OID is not critical, what configuration can you apply to the router to prevent high CPU usage when the OID is queried?
E. Exhibit A
F. Exhibit B
G. Exhibit C
H. Exhibit D -
Question 743:
What is the ICMPv6 type and destination IPv6 address for a Neighbor Solicitation packet that is sent by a router that wants to learn about a newly introduced network device?
A. ICMP type 136 and the Solicited-Node multicast address
B. ICMP type 135 and the Broadcast address
C. ICMP type 136 and the All-Routers multicast address
D. ICMP type 135 and the All-Routers multicast address
E. ICMP type 135 and the Solicited-Node multicast address
F. ICMP type 136 and the Broadcast address -
Question 744:
If the ASA interfaces on a device are configured in passive mode, which mode must be configured on the remote device to enable EtherChannel?
A. Passive
B. On
C. Standby
D. Active -
Question 745:
Troubleshooting the web authentication fallback feature on a Cisco Catalyst switch shows that clients with the 802.1X supplicant are able to authenticate, but clients without the supplicant are not able to use web authentication. Which configuration option will correct this issue?
A. switch(config)# aaa accounting auth-proxy default start-stop group radius
B. switch(config-if)# authentication host-mode multi-auth
C. switch(config-if)# webauth
D. switch(config)# ip http server
E. switch(config-if)# authentication priority webauth dot1x -
Question 746:
Which three statements describe the security weaknesses of WEP? (Choose three.)
A. Key strength is weak and non-standardized.
B. The WEP ICV algorithm is not optimal for cryptographic integrity checking.
C. There is no key distribution mechanism.
D. Its key rotation mechanism is too predictable.
E. For integrity, it uses MD5, which has known weaknesses. -
Question 747:
Which two options are benefits of Shortcut Switching Enhancements for NHRP on DMVPN networks ?(Choose two)
A. It supports layered network topologies with central hubs and direct spoke-to-spoke tunnels between spokes on different hubs.
B. It allows data packets to be fast switched while spoke-to-spoke tunnels are being established.
C. It enables spokes to use a summary route to build spoke-to-spoke tunnels.
D. It enables the NHRP FIB lookup process to perform route summarization on the hub. -
Question 748:
Which statement is true about IKEv2 and IKEv1?
A. IKEv2 can be configured to use EAP, but IKEv1 cannot.
B. IKEv2 can be configured to use AES encryption, but IKEv1 cannot.
C. IKEv2 can be configured to interoperate with IKEv1 on the other end.
D. IKEv2 consumes more bandwidth than IKEv1. -
Question 749:
Which three IP resources is the IANA responsible? (Choose three.)
A. IP address allocation
B. detection of spoofed address
C. criminal prosecution of hackers
D. autonomous system number allocation
E. root zone management in DNS
F. BGP protocol vulnerabilities -
Question 750:
What feature enables extended secure access form non-secure physical locations?
A. NEAT
B. 802.1X port-based authentication
C. port security
D. storm-control
E. CBAC
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.