New Updated Cisco CCIE Security 350-018 Real Exam Download 201-210



Which two options represent definitions that are found in the syslog protocol (RFC 5426)? (Choose two.)


A.      Syslog message transport is reliable.

B.      Each syslog datagram must contain only one message.

C.      IPv6 syslog receivers must be able to receive datagrams of up to 1180 bytes.

D.      Syslog messages must be prioritized with an IP precedence of 7.

E.       Syslog servers must use NTP for the accurate time stamping of message arrival.


Correct Answer: BC




According to RFC-5426, syslog senders must support sending syslog message datagrams to which port?


A.      TCP port 514

B.      UDP port 514

C.      TCP port 69

D.      UDP port 69

E.       TCP port 161

F.       UDP port 161


Correct Answer: B




Refer to the exhibit. What service is enabled on the router for a remote attacker to obtain this information?




A.      TCP small services

B.      finger

C.      maintenance operation protocol

D.      chargen

E.       Telnet

F.       CEF


Correct Answer: B




In an 802.11 wireless network, what would an attacker have to spoof to initiate a

deauthentication attack against connected clients?


A.      the BSSID of the AP where the clients are currently connected

B.      the SSID of the wireless network

C.      the MAC address of the target client machine

D.      the broadcast address of the wireless network


Correct Answer: A




What is the commonly known name for the process of generating and gathering initialization vectors, either passively or actively, for the purpose of determining the security key of a wireless network?


A.      WEP cracking

B.      session hijacking

C.      man-in-the-middle attacks

D.      disassociation flood frames


Correct Answer: A



According to RFC 4890, which four ICMPv6 types are recommended to be allowed to transit a firewall? (Choose four.)


A.      Type 1 – destination unreachable

B.      Type 2 – packet too big

C.      Type 3 – time exceeded

D.      Type 0 – echo reply

E.       Type 8 – echo request

F.       Type 4 – parameter problem


Correct Answer: ABCF




Which action is performed first on the Cisco ASA appliance when it receives an incoming packet on its outside interface?


A.      check if the packet is permitted or denied by the inbound ACL applied to the outside interface

B.      check if the packet is permitted or denied by the global ACL

C.      check if the packet matches an existing connection in the connection table

D.      check if the packet matches an inspection policy

E.       check if the packet matches a NAT rule


Correct Answer: C




If an incoming packet from the outside interface does not match an existing connection in the connection table, which action will the Cisco ASA appliance perform next?


A.      drop the packet

B.      check the outside interface inbound ACL to determine if the packet is permitted or denied

C.      perform NAT operations on the packet if required

D.      check the MPF policy to determine if the packet should be passed to the SSM

E.       perform stateful packet inspection based on the MPF policy


Correct Answer: B




Refer to the exhibit. Which three statements about the Cisco ASDM screen seen in the exhibit are true? (Choose three.)




A.      This access rule is applied to all the ASA interfaces in the inbound direction.

B.      The ASA administrator needs to expand the More Options tag to configure the inbound or outbound direction of the access rule.

C.      The ASA administrator needs to expand the More Options tag to apply the access rule to an interface.

D.      The resulting ASA CLI command from this ASDM configuration is access-list global_access line 1 extended permit ip host host

E.       This access rule is valid only on the ASA appliance that is running software release 8.3 or later.

F.       This is an outbound access rule.


Correct Answer: ADE




Which command is required in order for the Botnet Traffic Filter on the Cisco ASA appliance to function properly?


A.      dynamic-filter inspect tcp/80

B.      dynamic-filter whitelist

C.      inspect botnet

D.      inspect dns dynamic-filter-snoop


Correct Answer: D


Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers



You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by