New Updated Cisco CCIE Security 350-018 Real Exam Download 231-240



When you are configuring the COOP feature for GETVPN redundancy, which two steps are required to ensure the proper COOP operations between the key servers? (Choose two.)


A.      Generate an exportable RSA key pair on the primary key server and export it to the secondary key server.

B.      Enable dead peer detection between the primary and secondary key servers.

C.      Configure HSRP between the primary and secondary key servers.

D.      Enable IPC between the primary and secondary key servers.

E.       Enable NTP on both the primary and secondary key servers to ensure that they are synchronized to the same clock source.


Correct Answer: AB




A Cisco Easy VPN software client is unable to access its local LAN devices once the VPN tunnel is established. What is the best way to solve this issue?


A.      The IP address that is assigned by the Cisco Easy VPN Server to the client must be on the same network as the local LAN of the client.

B.      The Cisco Easy VPN Server should apply split-tunnel-policy excludespecified with a

splittunnel-list containing the local LAN addresses that are relevant to the client.

C.      The Cisco Easy VPN Server must push down an interface ACL that permits the traffic to the local LAN from the client.

D.      The Cisco Easy VPN Server should apply a split-tunnel-policy tunnelall policy to the client.

E.       The Cisco Easy VPN client machine needs to have multiple NICs to support this.


Correct Answer: B




During the establishment of an Easy VPN tunnel, when is XAUTH performed?


A.      at the end of IKEv1 Phase 2

B.      at the beginning of IKEv1 Phase 1

C.      at the end of Phase 1 and before Phase 2 starts in IKEv1 and IKEv2

D.      at the end of Phase 1 and before Phase 2 starts in IKEv1


Correct Answer: D




Which three traffic conditions can be matched when configuring single rate, dual token bucket traffic policing on Cisco routers? (Choose three.)


A.      conform

B.      normal

C.      violate

D.      peak

E.       exceed

F.       average


Correct Answer: ACE




A frame relay PVC at router HQ has a CIR of 768 kb/s and the frame relay PVC at router branch office has a CIR of 384 kb/s. Which QoS mechanism can best be used to ease the data congestion and data loss due to the CIR speed mismatch?


A.      traffic policing at the HQ

B.      traffic policing at the branch office

C.      traffic shaping at the HQ

D.      traffic shaping at the branch office

E.       LLQ at the HQ

F.       LLQ at the branch office


Correct Answer: C




Refer to the exhibit. A customer has an IPsec tunnel that is configured between two remote offices. The customer is seeing these syslog messages on Router B:


%CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=x, sequence number=y


What is the most likely cause of this error?




A.      The customer has an LLQ QoS policy that is configured on the WAN interface of Router A.

B.      A hacker on the Internet is launching a spoofing attack.

C.      Router B has an incorrectly configured IP MTU value on the WAN interface.

D.      There is packet corruption in the network between Router A and Router B.

E.       Router A and Router B are not synchronized to the same timer source.


Correct Answer: A




In ISO 27001 ISMS, which three of these certification process phases are required to collect information for ISO 27001? (Choose three.)


A.      discover

B.      certification audit

C.      post-audit

D.      observation

E.       pre-audit

F.       major compliance


Correct Answer: BCE




Which three statements regarding ISO 27002 and COBIT are correct? (Choose three.)


A.      COBIT and ISO 27002 both define a best practices framework for IT controls.

B.      COBIT focuses on information system processes, whereas ISO 27002 focuses on the security of the information systems.

C.      ISO 27002 addresses control objectives, whereas COBIT addresses information security management process requirements.

D.      Compared to COBIT, ISO 27002 covers a broader area in planning, operations, delivery, support, maintenance, and IT governance.

E.       Unlike COBIT, ISO 27002 is used mainly by the IT audit community to demonstrate risk mitigation and avoidance mechanisms.


Correct Answer: ABC




The IETF is a collaborative effort by the international community of Internet professionals to improve the design, use, and management of the Internet. Which international organization charters the activity of IETF?


A.      IANA

B.      ISO

C.      ISOC

D.      RIR

E.       IEC


Correct Answer: C




Which RFC outlines BCP 84?


A.      RFC 3704

B.      RFC 2827

C.      RFC 3030

D.      RFC 2267

E.       RFC 1918


Correct Answer: A


Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers




You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by