1. Home
  2. Cisco
  3. 351-018

Cisco 351-018 Online Practice Questions and Exam Preparation

351-018 Exam Details

  • Exam Code
    :351-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :420 Q&As
  • Last Updated
    :Dec 09, 2021

Cisco 351-018 Online Questions & Answers

  • Question 231:

    In an 802.11 WLAN, which option is the Layer 2 identifier of a basic service set, and also is typically the MAC address of the radio of the access point?

    A. BSSID
    B. SSID
    C. VBSSID
    D. MBSSID

  • Question 232:

    Which four values can be used by the Cisco IPS appliance in the risk rating calculation? (Choose four.)

    A. attack severity rating
    B. target value rating
    C. signature fidelity rating
    D. promiscuous delta
    E. threat rating
    F. alert rating

  • Question 233:

    What functionality is provided by DNSSEC?

    A. origin authentication of DNS data
    B. data confidentiality of DNS queries and answers
    C. access restriction of DNS zone transfers
    D. storage of the certificate records in a DNS zone file

  • Question 234:

    Which two statements about an authoritative server in a DNS system are true? (Choose two.)

    A. It indicates that it is authoritative for a name by setting the AA bit in responses.
    B. It has a direct connection to one of the root name servers.
    C. It has a ratio of exactly one authoritative name server per domain.
    D. It cannot cache or respond to queries from domains outside its authority.
    E. It has a ratio of at least one authoritative name server per domain.

  • Question 235:

    Which four techniques can you use for IP data plane security? (Choose four.)

    A. Control Plane Policing
    B. interface ACLs
    C. uRPF
    D. MD5 authentication
    E. FPM
    F. QoS

  • Question 236:

    Which three statements are true regarding Security Group Tags? (Choose three.)

    A. When using the Cisco ISE solution, the Security Group Tag gets defined as a separate authorization result.
    B. When using the Cisco ISE solution, the Security Group Tag gets defined as part of a standard authorization profile.
    C. Security Group Tags are a supported network authorization result using Cisco ACS 5.x.
    D. Security Group Tags are a supported network authorization result for 802.1X, MAC Authentication Bypass, and WebAuth methods of authentication.
    E. A Security Group Tag is a variable length string that is returned as an authorization result.

  • Question 237:

    Which option shows the correct sequence of the DHCP packets that are involved in IP address assignment between the DHCP client and the server?

    A. REQUEST, OFFER, ACK
    B. DISCOVER, OFFER, REQUEST, ACK
    C. REQUEST, ASSIGN, ACK
    D. DISCOVER, ASSIGN, ACK
    E. REQUEST, DISCOVER, OFFER, ACK

  • Question 238:

    Which three new capabilities were added to HTTP v1.1 over HTTP v1.0? (Choose three.)

    A. chunked transfer encoding
    B. HTTP pipelining
    C. POST method
    D. HTTP cookies
    E. keepalive mechanism

  • Question 239:

    Which three HTTP header fields can be classified by NBAR for request messages? (Choose three.)

    A. User-Agent
    B. Server
    C. Referrer
    D. Content-Encoding
    E. Location
    F. From

  • Question 240:

    Which statement regarding TFTP is not true?

    A. Communication is initiated over UDP port 69.
    B. Files are transferred using a secondary data channel.
    C. Data is transferred using fixed-size blocks.
    D. TFTP authentication information is sent in clear text.
    E. TFTP is often utilized by operating system boot loader procedures.
    F. The TFTP protocol is implemented by a wide variety of operating systems and network devices.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 351-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.