Cisco 351-018 Online Practice
Questions and Exam Preparation
351-018 Exam Details
Exam Code
:351-018
Exam Name
:CCIE Security written
Certification
:Cisco Certifications
Vendor
:Cisco
Total Questions
:420 Q&As
Last Updated
:Dec 09, 2021
Cisco 351-018 Online Questions &
Answers
Question 131:
When the RSA algorithm is used for signing a message from Alice to Bob, which statement best describes that operation?
A. Alice signs the message with her private key, and Bob verifies that signature with Alice's public key. B. Alice signs the message with her public key, and Bob verifies that signature with Alice's private key. C. Alice signs the message with Bob's private key, and Bob verifies that signature with his public key. D. Alice signs the message with Bob's public key, and Bob verifies that signature with his private key. E. Alice signs the message with her public key, and Bob verifies that signature with his private key. F. Alice signs the message with her private key, and Bob verifies that signature with his public key.
A. Alice signs the message with her private key, and Bob verifies that signature with Alice's public key.
Question 132:
Which statement about PVLAN setup is true?
A. The host that is connected to the community port can communicate with a host that is connected to a different community port. B. The host that is connected to the community port cannot communicate with hosts that are connected to the promiscuous port. C. The host that is connected to the community port cannot communicate with hosts that are connected to the isolated port. D. The host that is connected to the community port can only communicate with hosts that are connected to the same community port.
C. The host that is connected to the community port cannot communicate with hosts that are connected to the isolated port.
Question 133:
Which would be the best method to deploy on a Cisco ASA to detect and prevent viruses and worms?
A. deep packet inspection B. content security via the Control Security Services Module C. Unicast Reverse Path Forwarding D. IP audit signatures
B. content security via the Control Security Services Module
Question 134:
The IETF is a collaborative effort by the international community of Internet professionals to improve the design, use, and management of the Internet. Which international organization charters the activity of IETF?
A. IANA B. ISO C. ISOC D. RIR E. IEC
C. ISOC
Question 135:
Which mode of operation must be enabled on CSM to support roles such as Network Administrator, Approver, Network Operator, and Help Desk?
A. Deployment Mode B. Activity Mode C. Workflow Mode D. User Roles Mode E. Administration Mode F. Network Mode
C. Workflow Mode
Question 136:
Which option on the Cisco ASA appliance must be enabled when implementing botnet traffic filtering?
A. HTTP inspection B. static entries in the botnet blacklist and whitelist C. global ACL D. NetFlow E. DNS inspection and DNS snooping
E. DNS inspection and DNS snooping
Question 137:
Which label is advertised by an LSR to inform neighboring LSRs to perform the penultimate hop popping operation?
A. 0x00 B. php C. swap D. push E. imp-null
E. imp-null
Question 138:
Which three routing characteristics are relevant for DMVPN Phase 3? (Choose three.)
A. Hubs must not preserve the original IP next-hop. B. Hubs must preserve the original IP next-hop. C. Split-horizon must be turned off for RIP and EIGRP. D. Spokes are only routing neighbors with hubs. E. Spokes are routing neighbors with hubs and other spokes. F. Hubs are routing neighbors with other hubs and must use the same routing protocol as that used on hub-spoke tunnels.
A. Hubs must not preserve the original IP next-hop. C. Split-horizon must be turned off for RIP and EIGRP. D. Spokes are only routing neighbors with hubs.
Question 139:
Which two statements about PCI DSS are true? (Choose two.)
A. PCI DSS is a US government standard that defines ISP security compliance. B. PCI DSS is a proprietary security standard that defines a framework for credit, debit, and ATM cardholder information. C. PCI DSS is a criminal act of cardholder information fraud. D. One of the PCI DSS objectives is to restrict physical access to credit, debit, and ATM cardholder information. E. PCI DSS is an IETF standard for companies to protect credit, debit, and ATM cardholder information.
B. PCI DSS is a proprietary security standard that defines a framework for credit, debit, and ATM cardholder information. D. One of the PCI DSS objectives is to restrict physical access to credit, debit, and ATM cardholder information.
Question 140:
Which two identifiers are used by a Cisco Easy VPN Server to reference the correct group policy information for connecting a Cisco Easy VPN Client? (Choose two.)
A. IKE ID_KEY_ID B. OU field in a certificate that is presented by a client C. XAUTH username D. hash of the OTP that is sent during XAUTH challenge/response E. IKE ID_IPV4_ADDR
A. IKE ID_KEY_ID B. OU field in a certificate that is presented by a client
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Cisco exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your 351-018 exam preparations
and Cisco certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.