350-018 Exam Details
-
Exam Code
:350-018 -
Exam Name
:CCIE Security written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:872 Q&As -
Last Updated
:Dec 11, 2021
Cisco 350-018 Online Questions & Answers
-
Question 801:
Refer to the exhibit.
What is the effect to the given configuration?
A. It resets FTP connection to all sites except cisco.com and hp.com
B. It resets FTP connection to cisco.com and hp.com only
C. It resets and logs FTP connection to all sites except cisco.com and hp.com
D. It resets and logs FTP connections to cisco.com and hp.com only
E. FTP connections are unaffected -
Question 802:
Which two statements about IPS signatures are true? (Choose two.)
A. All of the built-in signatures are enabled by default.
B. Tuned signatures are built-in signatures whose parameters are adjusted.
C. Once the signature is removed from the sensing engine it cannot be restored
D. It is recommended not to retire a signature that is not being used because then it cannot be restored.
E. It is possible to define custom signatures. -
Question 803:
What is the default duration of IPS anomaly detection's learning accept mode?
A. 12 hours
B. 48 hours
C. 24 hours
D. 8 hours -
Question 804:
Which two statements about DNSSEC are true? (Choose two)
A. It support data confidentiality for DNS client
B. It can protect bulk data as is it transmitted between DNS servers.
C. It supports data integrity for DNS clients.
D. It supports spilt-horizon DNS to prevent attackers from enumerating the names in a zone
E. It can protect all types of data published in the DNS -
Question 805:
What is the maximum pattern length supported by FPM searches within a packet?
A. 1500 bytes
B. 256 bytes
C. 512 bytes
D. 128 bytes -
Question 806:
In the IPv6 address 2001:DB8:130F::870:0:140B/64, which portion is the IPv6 interface identifier?
A. 2001:DB8:130F:0
B. 870:0:140B
C. 2001:DB8:130F
D. 0:870:0:140B -
Question 807:
Which label is advertised by an LSR to inform neighboring LSRs to perform the penultimate hop popping operation?
A. 0x00
B. php
C. swap
D. push
E. imp-null -
Question 808:
What is an example of a stream cipher?
A. RC4
B. DE5
C. Blowfish
D. RC5 -
Question 809:
Drag each step in the configuration of flexible NetFlow IPv6 traffic Unicast flows on the left into the correct order of operation on the right?
Select and Place:
-
Question 810:
Which four options could be flagged as potential issues by a network security risk assessment? (Choose four.)
A. router hostname and IP addressing scheme
B. router filtering rules C. route optimization
D. database connectivity and RTT
E. weak authentication mechanisms
F. improperly configured email servers
G. potential web server exploits
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.