Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.
2021 Jun 350-018 Study Guide Questions:
Q101. Which protocol does 802.1X use between the supplicant and the authenticator to authenticate users who wish to access the network?
D. EAP over LAN
Q102. A router has four interfaces addressed as 10.1.1.1/24, 10.1.2.1/24, 10.1.3.1/24, and 10.1.4.1/24. What is the smallest summary route that can be advertised covering these four subnets?
Q103. When is the supplicant considered to be clientless?
A. when the authentication server does not have credentials to authenticate.
B. when the authenticator is missing the dot1x guest VLAN under the port with which the supplicant is connected.
C. when the supplicant fails EAP-MD5 challenge with the authentication server.
D. when the supplicant fails to respond to EAPOL messages from the authenticator.
E. when the authenticator is missing the reauthentication timeout configuration under the port with which the supplicant is connected.
Most recent cisco 350-018 exam:
Q104. As defined by Cisco TrustSec, which EAP method is used for Network Device Admission Control authentication?
Q105. Which three security features were introduced with the SNMPv3 protocol? (Choose three.)
A. Message integrity, which ensures that a packet has not been tampered with in-transit
B. DoS prevention, which ensures that the device cannot be impacted by SNMP buffer overflow
C. Authentication, which ensures that the message is from a valid source
D. Authorization, which allows access to certain data sections for certain authorized users
E. Digital certificates, which ensure nonrepudiation of authentications
F. Encryption of the packet to prevent it from being seen by an unauthorized source
Q106. Which two ISE Probes would be required to distinguish accurately the difference between an iPad and a MacBook Pro? (Choose two.)
A. DHCP or DHCPSPAN
F. DHCP TRAP
Certified ccie written exam 350-018 exam collection:
Q107. Which three statements about VXLANs are true? (Choose three.)
A. It requires that IP protocol 8472 be opened to allow traffic through a firewall.
B. Layer 2 frames are encapsulated in IP, using a VXLAN ID to identify the source VM.
C. A VXLAN gateway maps VXLAN IDs to VLAN IDs.
D. IGMP join messages are sent by new VMs to determine the VXLAN multicast IP.
E. A VXLAN ID is a 32-bit value.
Q108. How are the username and password transmitted if a basic HTTP authentication is used?
A. Base64 encoded username and password
B. MD5 hash of the combined username and password
C. username in cleartext and MD5 hash of the password
D. cleartext username and password
Q109. crypto isakmp profile vpn1
match identity address 172.16.1.1 255.255.255.255
crypto map crypmap 1 ipsec-isakmp
set peer 172.16.1.1
set transform-set vpn1
set isakmp-profile vpn1
match address 101
crypto map crypmap
Which statements apply to the above configuration? (Choose two.)
A. This configuration shows the VRF-Aware IPsec feature that is used to map the crypto ISAKMP profile to a specific VRF.
B. VRF and ISAKMP profiles are mutually exclusive, so the configuration is invalid.
C. An IPsec tunnel can be mapped to a VRF instance.
D. Peer command under the crypto map is redundant and not required.
Q110. Refer to the exhibit.
What is this configuration designed to prevent?
A. Man in the Middle Attacks
B. DNS Inspection
C. Backdoor control channels for infected hosts
D. Dynamic payload inspection
see more 350-018 dumps