New Updated Cisco CCIE Security 350-018 Real Exam Download 31-40



Which three security features were introduced with the SNMPv3 protocol? (Choose three.)


A.      Message integrity, which ensures that a packet has not been tampered with in-transit

B.      DoS prevention, which ensures that the device cannot be impacted by SNMP buffer overflow

C.      Authentication, which ensures that the message is from a valid source

D.      Authorization, which allows access to certain data sections for certain authorized users

E.       Digital certificates, which ensure nonrepudiation of authentications

F.       Encryption of the packet to prevent it from being seen by an unauthorized source


Correct Answer: ACF




Which common Microsoft protocol allows Microsoft machine administration and operates over TCP port 3389?


A.      remote desktop protocol

B.      desktop mirroring

C.      desktop shadowing

D.      Tarantella remote desktop


Correct Answer: A




To prevent a potential attack on a Cisco IOS router with the echo service enabled, what action should you take?


A.      Disable the service with the no ip echo command.

B.      Disable the service with the no echo command.

C.      Disable tcp-small-servers.

D.      Disable this service with a global access-list.


Correct Answer: C




Which query type is required for an nslookup on an IPv6 addressed host?


A.      type=AAAA

B.      type=ANY

C.      type=PTR

D.      type=NAME-IPV6


Correct Answer: A






According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery?


A.      Allow only POST requests.

B.      Mark all cookies as HTTP only.

C.      Use per-session challenge tokens in links within your web application.

D.      Always use the “secure” attribute for cookies.

E.       Require strong passwords.


Correct Answer: C




Which option is used to collect wireless traffic passively, for the purposes of eavesdropping or information gathering?


A.      network taps

B.      repeater Access Points

C.      wireless sniffers

D.      intrusion prevention systems


Correct Answer: C




Which traffic class is defined for non-business-relevant applications and receives any bandwidth that remains after QoS policies have been applied?


A.      scavenger class

B.      best effort

C.      discard eligible

D.      priority queued


Correct Answer: A




In the context of a botnet, what is true regarding a command and control server?


A.      It can launch an attack using IRC or Twitter.

B.      It is another name for a zombie.

C.      It is used to generate a worm.

D.      It sends the command to the botnets via adware.


Correct Answer: A




Which option is used for anti-replay prevention in a Cisco IOS IPsec implementation?


A.      session token

B.      one-time password

C.      time stamps

D.      sequence number

E.       nonce


Correct Answer: D




Refer to the exhibit. What will be the default action?




A.      HTTP traffic to the Facebook, Youtube, and Twitter websites will be dropped.

B.      HTTP traffic to the Facebook and Youtube websites will be dropped.

C.      HTTP traffic to the Youtube and Twitter websites will be dropped.

D.      HTTP traffic to the Facebook and Twitter websites will be dropped.


Correct Answer: D


Download Latest Cisco CCIE Security 350-018 Real Free Tests ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers




You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by