1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 751:

    When a Cisco IOS Router receives a TCP packet with a TTL value less than or equal to 1, what will it do?

    A. Route the packet normally
    B. Drop the packet and reply with an ICMP Type 3, Code 1 (Destination Unreachable, Host Unreachable)
    C. Drop the packet and reply with an ICMP Type 11, Code 0 (Time Exceeded, Hop Count Exceeded)
    D. Drop the packet and reply with an ICMP Type 14, Code 0 (Timestamp Reply)

  • Question 752:

    Which three statements about LDAP are true? (Choose three.)

    A. LDAP uses UDP port 389 by default.
    B. LDAP is defined in terms of ASN.1 and transmitted using BER.
    C. LDAP is used for accessing X.500 directory services.
    D. An LDAP directory entry is uniquely identified by its DN.
    E. A secure connection via TLS is established via the UseTLS operation.

  • Question 753:

    Which two statements about ASA transparent mode are true? (Choose two.)

    A. It drops ARP traffic unless it is permitted.
    B. It does not support NAT.
    C. It requires the inside and outside interface to be in different subnets.
    D. It can pass IPv6 traffic.
    E. It cannot pass multicast traffic.
    F. It supports ARP inspection.

  • Question 754:

    Refer to the exhibit.

    You have received an advisory that your organization could be running a vulnerable product. Using the Cisco Systems Rapid Risk Vulnerability Response Model, you determine that * Your organization is running an affected product on a vulnerable version of code * The vulnerable component is enabled and there is no feasible workaround. * There is medium confidence of an attack without significant collateral damage to the organization. According to the model, what is the appropriate urgency level for remediation?

    A. contact ISP to trace attack
    B. priority maintenance process
    C. no action required
    D. remove vulnerable device from service
    E. standard maintenance process
    F. immediate mitigation process

  • Question 755:

    Which statement about the PVLAN is true?

    A. Promiscuous ports can only communicate with other promiscuous ports.
    B. Isolated ports cannot communicate with the other promiscuous ports.
    C. Community ports can communicate with the other promiscuous ports but not with the other community ports.
    D. Isolated ports can communicate with the other isolated ports only.
    E. Promiscuous ports can communicate with all the other type of ports.
    F. Community ports can communicate with the other community ports but not with promiscuous ports.

  • Question 756:

    Refer to the exhibit.

    With the client attempting an implicit SFTP connection to the SFTP server, which mode works by default?

    A. passive
    B. neither passive nor active
    C. active
    D. both passive and active

  • Question 757:

    Select and Place:

  • Question 758:

    Which two statements about the DES algorithm are true? (Choose two)

    A. The DES algorithm is based on asymmetric cryptography.
    B. The DES algorithm is a stream cipher.
    C. The DES algorithm is based on symmetric cryptography.
    D. The DES algorithm encrypts a block of 128 bits.
    E. The DES algorithm uses a 56-bit key.

  • Question 759:

    Which statement best describes the concepts of rootkits and privilege escalation?

    A. Rootkits propagate themselves.
    B. Privilege escalation is the result of a rootkit.
    C. Rootkits are a result of a privilege escalation.
    D. Both of these require a TCP port to gain access.

  • Question 760:

    Refer to the exhibit Which two statements about the given IPv6 ZBF configuration are true? (Choose two)

    A. It provides backward compatibility with legacy IPv6 inspection.
    B. It passes TCP,UDP,ICMP, and FTP traffic in both directions between z1 and z2.
    C. It provides backward compatibility with legacy IPv4 inspection.
    D. It inspects TCP,UDP,ICMP and FTP traffic from z1 to z2.
    E. It inspects TCP,UDP,ICMP and FTP traffic from z2 to z1.
    F. It passes TCP,UDP,ICMP, and FTP traffic from z1 to z2.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.