★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 350-018 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/350-018-dumps.html
Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.
2021 Nov ccie 350-018 written:
Q231. During the establishment of an Easy VPN tunnel, when is XAUTH performed?
A. at the end of IKEv1 Phase 2
B. at the beginning of IKEv1 Phase 1
C. at the end of Phase 1 and before Phase 2 starts in IKEv1 and IKEv2
D. at the end of Phase 1 and before Phase 2 starts in IKEv1
Answer: D
Q232. Which three statements are true regarding Security Group Tags? (Choose three.)
A. When using the Cisco ISE solution, the Security Group Tag gets defined as a separate authorization result.
B. When using the Cisco ISE solution, the Security Group Tag gets defined as part of a standard authorization profile.
C. Security Group Tags are a supported network authorization result using Cisco ACS 5.x.
D. Security Group Tags are a supported network authorization result for 802.1X, MAC Authentication Bypass, and WebAuth methods of authentication.
E. A Security Group Tag is a variable length string that is returned as an authorization result.
Answer: ACD
Q233. Refer to the exhibit.
With the client protected by the firewall, an HTTP connection from the client to the server on TCP port 80 will be subject to which action?
A. inspection action by the HTTP_CMAP
B. inspection action by the TCP_CMAP
C. drop action by the default class
D. inspection action by both the HTTP_CMAP and TCP_CMAP
E. pass action by the HTTP_CMAP
F. drop action due to class-map misclassification
Answer: B
Q234. Refer to the exhibit.
Which two statements about this Cisco Catalyst switch configuration are correct? (Choose two.)
A. The default gateway for VLAN 200 should be attached to the FastEthernet 5/1 interface.
B. Hosts attached to the FastEthernet 5/1 interface can communicate only with hosts attached to the FastEthernet 5/4 interface.
C. Hosts attached to the FastEthernet 5/2 interface can communicate with hosts attached to the FastEthernet 5/3 interface.
D. Hosts attached to the FastEthernet 5/4 interface can communicate only with hosts attached to the FastEthernet 5/2 and FastEthernet 5/3 interfaces.
E. Interface FastEthernet 5/1 is the community port.
F. Interface FastEthernet 5/4 is the isolated port.
Answer: BC
Q235. Beacons, probe request, and association request frames are associated with which category?
A. management
B. control
C. data
D. request
Answer: A
Leading cisco 350-018 vce:
Q236. With ASM, sources can launch attacks by sending traffic to any groups that are supported by an active RP. Such traffic might not reach a receiver but will reach at least the first-hop router in the path, as well as the RP, allowing limited attacks. However, if the attacking source knows a group to which a target receiver is listening and there are no appropriate filters in place, then the attacking source can send traffic to that group. This traffic is received as long as the attacking source is listening to the group.
Based on the above description, which type of security threat is involved?
A. DoS
B. man-in-the-middle
C. compromised key
D. data modification
Answer: A
Q237. Which two ISE Probes would be required to distinguish accurately the difference between an iPad and a MacBook Pro? (Choose two.)
A. DHCP or DHCPSPAN
B. SNMPTRAP
C. SNMPQUERY
D. NESSUS
E. HTTP
F. DHCP TRAP
Answer: AE
Q238. Refer to the exhibit.
Identify the behavior of the ACL if it is applied inbound on E0/0.
A. The ACL will drop both initial and noninitial fragments for port 80 only.
B. The ACL will pass both initial and non-initial fragments for port 80 only.
C. The ACL will pass the initial fragment for port 80 but drop the noninitial fragment for any port.
D. The ACL will drop the initial fragment for port 80 but pass the noninitial fragment for any port.
Answer: B
Q239. Which statement about the ASA redundant interface is true?
A. It is a logical interface that combines two physical interfaces, both of which are active.
B. It can only be used for failover links.
C. By default, the first physical interface that is configured in the pair is the active interface.
D. The redundant interface uses the MAC address of the second physical interface in the pair.
Answer: C
Q240. Which Cisco IPS appliance feature can automatically adjust the risk rating of IPS events based on the reputation of the attacker?
A. botnet traffic filter
B. event action rules
C. anomaly detection
D. reputation filtering
E. global correlation inspection
Answer: E