[Jun 2016] 350-018 forum

Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.

2016 Jun 350-018 Study Guide Questions:

Q101. Which protocol does 802.1X use between the supplicant and the authenticator to authenticate users who wish to access the network? 

A. SNMP 

B. TACACS+ 

C. RADIUS 

D. EAP over LAN 

E. PPPoE 

Answer: D 


Q102. A router has four interfaces addressed as 10.1.1.1/24, 10.1.2.1/24, 10.1.3.1/24, and 10.1.4.1/24. What is the smallest summary route that can be advertised covering these four subnets? 

A. 10.1.2.0/22 

B. 10.1.0.0/22 

C. 10.1.0.0/21 

D. 10.1.0.0/16 

Answer: C 


Q103. When is the supplicant considered to be clientless? 

A. when the authentication server does not have credentials to authenticate. 

B. when the authenticator is missing the dot1x guest VLAN under the port with which the supplicant is connected. 

C. when the supplicant fails EAP-MD5 challenge with the authentication server. 

D. when the supplicant fails to respond to EAPOL messages from the authenticator. 

E. when the authenticator is missing the reauthentication timeout configuration under the port with which the supplicant is connected. 

Answer: D 


350-018  free draindumps

Most recent cisco 350-018 exam:

Q104. As defined by Cisco TrustSec, which EAP method is used for Network Device Admission Control authentication? 

A. EAP-FAST 

B. EAP-TLS 

C. PEAP 

D. LEAP 

Answer: A 


Q105. Which three security features were introduced with the SNMPv3 protocol? (Choose three.) 

A. Message integrity, which ensures that a packet has not been tampered with in-transit 

B. DoS prevention, which ensures that the device cannot be impacted by SNMP buffer overflow 

C. Authentication, which ensures that the message is from a valid source 

D. Authorization, which allows access to certain data sections for certain authorized users 

E. Digital certificates, which ensure nonrepudiation of authentications 

F. Encryption of the packet to prevent it from being seen by an unauthorized source 

Answer: ACF 


Q106. Which two ISE Probes would be required to distinguish accurately the difference between an iPad and a MacBook Pro? (Choose two.) 

A. DHCP or DHCPSPAN 

B. SNMPTRAP 

C. SNMPQUERY 

D. NESSUS 

E. HTTP 

F. DHCP TRAP 

Answer: AE 


350-018  free draindumps

Certified ccie written exam 350-018 exam collection:

Q107. Which three statements about VXLANs are true? (Choose three.) 

A. It requires that IP protocol 8472 be opened to allow traffic through a firewall. 

B. Layer 2 frames are encapsulated in IP, using a VXLAN ID to identify the source VM. 

C. A VXLAN gateway maps VXLAN IDs to VLAN IDs. 

D. IGMP join messages are sent by new VMs to determine the VXLAN multicast IP. 

E. A VXLAN ID is a 32-bit value. 

Answer: BCD 


Q108. How are the username and password transmitted if a basic HTTP authentication is used? 

A. Base64 encoded username and password 

B. MD5 hash of the combined username and password 

C. username in cleartext and MD5 hash of the password 

D. cleartext username and password 

Answer: A 


Q109. crypto isakmp profile vpn1 

vrf vpn1 

keyring vpn1 

match identity address 172.16.1.1 255.255.255.255 

crypto map crypmap 1 ipsec-isakmp 

set peer 172.16.1.1 

set transform-set vpn1 

set isakmp-profile vpn1 

match address 101 

interface Ethernet1/2 

crypto map crypmap 

Which statements apply to the above configuration? (Choose two.) 

A. This configuration shows the VRF-Aware IPsec feature that is used to map the crypto ISAKMP profile to a specific VRF. 

B. VRF and ISAKMP profiles are mutually exclusive, so the configuration is invalid. 

C. An IPsec tunnel can be mapped to a VRF instance. 

D. Peer command under the crypto map is redundant and not required. 

Answer: AC 


Q110. Refer to the exhibit. 


What is this configuration designed to prevent? 

A. Man in the Middle Attacks 

B. DNS Inspection 

C. Backdoor control channels for infected hosts 

D. Dynamic payload inspection 

Answer: C 



see more 350-018 dumps