350-018 Royal Pack Testengine pdf
100% Actual & Verified — 100% PASS
Unlimited access to the world's largest Dumps library! Try it Free Today!https://www.exambible.com/350-018-exam/
Exam Number/Code: 350-018
Exam name: CCIE Pre-Qualification Test for Security
n questions with full explanations
Certification: Cisco Certification
Last updated on Global synchronizing
Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.
2016 May 350-018 Study Guide Questions:
Q21. Which three authentication methods does the Cisco IBNS Flexible Authentication feature support? (Choose three.)
A. cut-through proxy
E. web authentication
Q22. Which three RADIUS protocol statements are true? (Choose three.)
A. RADIUS protocol runs over TCP 1645 and 1646.
B. Network Access Server operates as a server for RADIUS.
C. RADIUS packet types for authentication include Access-Request, Access-Challenge, Access-Accept, and Access-Reject.
D. RADIUS protocol runs over UDP 1812 and 1813.
E. RADIUS packet types for authentication include Access-Request, Access-Challenge, Access-Permit, and Access-Denied.
F. RADIUS supports PPP, PAP, and CHAP as authentication methods.
Q23. Which protocol is superseded by AES?
Refresh actualtests 350-018:
Q24. Which statement best describes the concepts of rootkits and privilege escalation?
A. Rootkits propagate themselves.
B. Privilege escalation is the result of a rootkit.
C. Rootkits are a result of a privilege escalation.
D. Both of these require a TCP port to gain access.
Q25. Which configuration is the correct way to change a GET VPN Key Encryption Key lifetime to 10800 seconds on the key server?
A. crypto isakmp policy 1 lifetime 10800
B. crypto ipsec security-association lifetime? seconds 10800
C. crypto ipsec profile getvpn-profile set security-association lifetime seconds 10800 ! crypto gdoi group GET-Group identity number 1234 server local sa ipsec 1 profile getvpn-profile
D. ?crypto gdoi group GET-Group identity number 1234 server local rekey lifetime seconds 10800
E. crypto gdoi group GET-Group identity number 1234 server local set security-association lifetime seconds 10800
Q26. Refer to the exhibit.
Which option describes the behavior of this configuration?
A. Traffic from the 126.96.36.199/16 network to the 10.10.0.0/32 network will be translated.
B. Traffic from the 188.8.131.52/32 network to the 10.10.0.0/16 network will not be translated.
C. Traffic from the 10.10.0.0/16 network to the 184.108.40.206/24 network will not be translated.
D. Traffic from the 10.10.0.0/32 network to the 220.127.116.11/16 network will be translated.
Validated 350-018 v4.0:
Q27. Which two statements about VTP passwords are true? (Choose two)
A. The VTP password can only be configured when the switch is in Server mode.
B. The VTP password is sent in the summary advertisements..
C. The VTP password is encrypted for confidentiality using 3DES.
D. VTP is not required to be configured on all switches in the domain.
E. The VTP password is hashed to preserve authenticity using the MD5 algorithm.
F. The VTP password can only be configured when the switch is in Client mode.
Q28. Which option shows the correct sequence of the DHCP packets that are involved in IP address assignment between the DHCP client and the server?
A. REQUEST, OFFER, ACK
B. DISCOVER, OFFER, REQUEST, ACK
C. REQUEST, ASSIGN, ACK
D. DISCOVER, ASSIGN, ACK
E. REQUEST, DISCOVER, OFFER, ACK
Q29. DNSSEC was designed to overcome which security limitation of DNS?
A. DNS man-in-the-middle attacks
B. DNS flood attacks
C. DNS fragmentation attacks
D. DNS hash attacks
E. DNS replay attacks
F. DNS violation attacks
Q30. Which three are RFC 5735 addresses? (Choose three.)
see more http://www.pdfcollection.net/350-018-pdf.html