1. Home
  2. Cisco
  3. 351-018

Cisco 351-018 Online Practice Questions and Exam Preparation

351-018 Exam Details

  • Exam Code
    :351-018
  • Exam Name
    :CCIE Security written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :420 Q&As
  • Last Updated
    :Dec 09, 2021

Cisco 351-018 Online Questions & Answers

  • Question 281:

    With the Cisco FlexVPN solution, which four VPN deployments are supported? (Choose four.)

    A. site-to-site IPsec tunnels?
    B. dynamic spoke-to-spoke IPSec tunnels? (partial mesh)
    C. remote access from software or hardware IPsec clients?
    D. distributed full mesh IPsec tunnels?
    E. IPsec group encryption using GDOI?
    F. hub-and-spoke IPsec tunnels?

  • Question 282:

    What does the SXP protocol exchange between peers?

    A. IP to SGT binding information
    B. MAC to SGT binding information
    C. ingress port to SGT binding information
    D. ingress switch to SGT binding information

  • Question 283:

    Which option is representative of automatic IP addressing in IPv4?

    A. 10.1.x.x
    B. 172.10.1.x
    C. 169.254.x.x
    D. 196.245.x.x
    E. 128.1.1.x
    F. 127.1.x.x

  • Question 284:

    Which statement about the 3DES algorithm is true?

    A. The 3DES algorithm uses the same key for encryption and decryption,
    B. The 3DES algorithm uses a public-private key pair with a public key for encryption and a private key for decryption.
    C. The 3DES algorithm is a block cipher.
    D. The 3DES algorithm uses a key length of 112 bits.
    E. The 3DES algorithm is faster than DES due to the shorter key length.

  • Question 285:

    Which Cisco IOS IPS signature action denies an attacker session using the dynamic access list?

    A. produce-alert
    B. deny-attacker-inline
    C. deny-connection-inline
    D. reset-tcp-action
    E. deny-session-inline
    F. deny-packet-inline

  • Question 286:

    Which two statements describe GRE? (Choose two.)

    A. GRE acts as passenger protocol for a Layer 3 transport protocol.
    B. GRE acts as a tunneling protocol and encapsulates other protocols.
    C. GRE provides data confidentiality.
    D. Packet MTU must be adjusted to accommodate GRE overhead.
    E. GRE does not allow multicast to be sent across the tunnel.
    F. The GRE tunnel interface remains down until it can see the remote tunnel end.

  • Question 287:

    What will the receiving router do when it receives a packet that is too large to forward, and the DF bit is not set in the IP header?

    A. Drop the packet, and send the source an ICMP packet, indicating that the packet was too big to transmit.
    B. Fragment the packet into segments, with all segments having the MF bit set.
    C. Fragment the packet into segments, with all except the last segment having the MF bit set.
    D. Fragment the packet into segments, with all except the first segment having the MF bit set.

  • Question 288:

    Which three control plane subinterfaces are available when implementing Cisco IOS Control Plane Protection? (Choose three.)

    A. CPU
    B. host
    C. fast-cache
    D. transit
    E. CEF-exception
    F. management

  • Question 289:

    Which two statements about the DES algorithm are true? (Chosse two)

    A. The DES algorithm is based on asymmetric cryptography.
    B. The DES algorithm is a stream cipher.
    C. The DES algorithm is based on symmetric cryptography.
    D. The DES algorithm encrypts a block of 128 bits.
    E. The DES algorithm uses a 56-bit key.

  • Question 290:

    Which two statements about SNMP are true? (Choose two)

    A. SNMP operates at Layer-6 of the OSI model.
    B. NMS sends a request to the agent at TCP port 161.
    C. NMS sends request to the agent from any source port.
    D. NMS receives notifications from the agent on UDP 162.
    E. MIB is a hierarchical representation of management data on NMS.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 351-018 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.