1. Home
  2. Cisco
  3. 350-018

Cisco 350-018 Online Practice Questions and Exam Preparation

350-018 Exam Details

  • Exam Code
    :350-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :872 Q&As
  • Last Updated
    :Dec 11, 2021

Cisco 350-018 Online Questions & Answers

  • Question 761:

    Which command can be used on a Cisco IOS device to prevent it from being used as an amplifier in a fraggle attack?

    A. no service tcp-small-servers
    B. no service udp-small-servers C. no ip directed-broadcast
    D. no ip redirects

  • Question 762:

    What two statements about the PCoIP protocol are true? (Choose two.)

    A. It uses a variety of codecs to support different operating systems.
    B. It supports both lossy and lossless compression.
    C. It is a TCP-based protocol
    D. It is available in both software and hardware.
    E. It is a client-rendered, multi-codec protocol.

  • Question 763:

    What protocol does SMTPS use to secure SMTP connections?

    A. TLS
    B. AES
    C. Telnet
    D. SSH

  • Question 764:

    Which protocol is superseded by AES?

    A. DES
    B. RSA
    C. RC4
    D. MD5

  • Question 765:

    User A at Company A is trying to transfer files to Company B, using FTP. User A can connect to the FTP server at Company B correctly, but User A cannot get a directory listing or upload files. The session hangs. What are two possible causes for this problem? (Choose two.)

    A. Active FTP is being used, and the firewall at Company A is not allowing the returning data connection to be initiated from the FTP server at Company B.
    B. Passive FTP is being used, and the firewall at Company A is not allowing the returning data connection to be initiated from the FTP server at Company B.
    C. At Company A, active FTP is being used with a non-application aware firewall applying NAT to the source address of User A only.
    D. The FTP server administrator at Company B has disallowed User A from accessing files on that server.
    E. Passive FTP is being used, and the firewall at Company B is not allowing connections through to port 20 on the FTP server.

  • Question 766:

    Which two statements about IPv6 path MTU discovery are true? (Choose two.)

    A. If the destination host receives an ICMPv6 Packet Too Big message from a router, it reduces its path MTU.
    B. It can allow fragmentation when the minimum MTU is below a configured value.
    C. The discovery packets are dropped if there is congestion on the link.
    D. If the source host receives an ICMPv6 Packet Too Big message from a router, it reduces its path MTU.
    E. During the discovery process, the DF bit is set to 1.
    F. The initial path MTU is the same as the MTU of the original node's link layer interface.

  • Question 767:

    Which statement is true about an NTP server?

    A. It answers using UTC time.
    B. It uses the local time of the server with its time zone indication.
    C. It uses the local time of the server and does not indicate its time zone.
    D. It answers using the time zone of the client.

  • Question 768:

    In a Cisco ASA multiple-context mode of operation configuration ,what three session types are resource-limited by default when their context is a member of the default class?(Choose three)

    A. ASDM sessions
    B. Telnet sessions
    C. IPSec sessions
    D. SSL VPN sessions
    E. TCP sessions
    F. SSH sessions

  • Question 769:

    Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.)

    A. LEAP
    B. EAP-TLS
    C. PEAP
    D. EAP-TTLS
    E. EAP-FAST

  • Question 770:

    Which statement describes RA?

    A. The RA is not responsible to verify users request for digital certificates.
    B. The RA is part of private key infrastructure.
    C. The RA has the power to accept registration requests and to issue certificates.
    D. The RA only forwards the requests to the CA to issue certificates.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.