1. Home
  2. Cisco
  3. 351-018

Cisco 351-018 Online Practice Questions and Exam Preparation

351-018 Exam Details

  • Exam Code
    :351-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :420 Q&As
  • Last Updated
    :Dec 09, 2021

Cisco 351-018 Online Questions & Answers

  • Question 201:

    What IP protocol number is used in the protocol field of an IPv4 header, when IPv4 is used to tunnel IPv6 packets?

    A. 6
    B. 27
    C. 41
    D. 47
    E. 51

  • Question 202:

    Refer to the exhibit.

    What service is enabled on the router for a remote attacker to obtain this information?

    A. TCP small services
    B. finger
    C. maintenance operation protocol
    D. chargen
    E. Telnet
    F. CEF

  • Question 203:

    Which port or ports are used for the FTP data channel in passive mode?

    A. random TCP ports
    B. TCP port 21 on the server side
    C. TCP port 21 on the client side
    D. TCP port 20 on the server side
    E. TCP port 20 on the client side

  • Question 204:

    Which option is a benefit of implementing RFC 2827?

    A. prevents DoS from legitimate, non-hostile end systems
    B. prevents disruption of special services such as Mobile IP
    C. defeats DoS attacks which employ IP source address spoofing
    D. restricts directed broadcasts at the ingress router
    E. allows DHCP or BOOTP packets to reach the relay agents as appropriate

  • Question 205:

    Which feature can be implemented to avoid any MPLS packet loss?

    A. IP TTL propagation
    B. LDP IGP sync
    C. label advertisement sync
    D. conditional label advertisement
    E. PHP

  • Question 206:

    Which three statements about OCSP are correct? (Choose three.)

    A. OCSP is defined in RFC2560.
    B. OCSP uses only http as a transport.
    C. OCSP responders can use RSA and DSA signatures to validate that responses are from trusted entities.
    D. A response indicator may be good, revoked, or unknown.
    E. OCSP is an updated version SCEP.

  • Question 207:

    Which layer of the OSI reference model typically deals with the physical addressing of interface cards?

    A. physical layer
    B. data-link layer
    C. network layer
    D. host layer

  • Question 208:

    Refer to the exhibit.

    Which option describes the behavior of this configuration?

    A. Traffic from the 30.30.0.0/16 network to the 10.10.0.0/32 network will be translated.
    B. Traffic from the 30.30.0.0/32 network to the 10.10.0.0/16 network will not be translated.
    C. Traffic from the 10.10.0.0/16 network to the 30.30.30.0/24 network will not be translated.
    D. Traffic from the 10.10.0.0/32 network to the 30.30.30.0/16 network will be translated.

  • Question 209:

    A network administrator uses a LAN analyzer to troubleshoot OSPF router exchange messages sent to all OSPF routers. To which one of these MAC addresses are these messages sent?

    A. 00-00-1C-EF-00-00
    B. 01-00-5E-00-00-05
    C. 01-00-5E-EF-00-00
    D. EF-FF-FF-00-00-05
    E. EF-00-00-FF-FF-FF
    F. FF-FF-FF-FF-FF-FF

  • Question 210:

    What is the function of this command?

    switch(config-if)# switchport port-security mac-address sticky

    A. It allows the switch to restrict the MAC addresses on the switch port, based on the static MAC addresses configured in the startup configuration.
    B. It allows the administrator to manually configure the secured MAC addresses on the switch port.
    C. It allows the switch to permanently store the secured MAC addresses in the MAC address table (CAM table).
    D. It allows the switch to perform sticky learning, in which the dynamically learned MAC addresses are copied from the MAC address table (CAM table) to the startup configuration.
    E. It allows the switch to dynamically learn the MAC addresses on the switch port, and the MAC addresses will be added to the running configuration

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 351-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.