Proper study guides for Up to date Cisco CCIE Pre-Qualification Test for Security certified begins with Cisco 350-018 preparation products which designed to deliver the High quality 350-018 questions by making you pass the 350-018 test at your first time. Try the free 350-018 demo right now.
2016 Sep 350-018 Study Guide Questions:
Q271. Which three statements about the TACACS protocol are correct? (Choose three.)
A. TACACS+ is an IETF standard protocol.
B. TACACS+ uses TCP port 47 by default.
C. TACACS+ is considered to be.more secure than the RADIUS protocol.
D. TACACS+ can support authorization and accounting while having another separate authentication solution.
E. TACACS+ only encrypts the.password of the.user.for security.
F. TACACS+ supports per-user or per-group for authorization of router commands.
Q272. Which three statements about the IANA are true? (Choose three.)
A. IANA is a department that is operated by the IETF.
B. IANA oversees global IP address allocation.
C. IANA managed the root zone in the DNS.
D. IANA is administered by the ICANN.
E. IANA defines URI schemes for use on the Internet.
Q273. crypto gdoi group gdoi_group identity number 1234 server local sa receive-only sa ipsec 1 profile gdoi-p match address ipv4 120
Which statement about the above configuration is true?
A. The key server instructs the DMVPN spoke to install SAs outbound only.
B. The key server instructs the GDOI group to install SAs inbound only.
C. The key server instructs the DMVPN hub to install SAs outbound only.
D. The key server instructs the GDOI spoke to install SAs inbound only.
Rebirth kill ccie 350-018:
Q274. Which four attributes are identified in an X.509v3 basic certificate field? (Choose four.)
A. key usage
B. certificate serial number
D. subject name
E. signature algorithm identifier
F. CRL distribution points
G. subject alt name
Q275. Which option explains the passive scan technique that is used by wireless clients to discover available wireless networks?
A. listening for access point beacons that contain available wireless networks
B. sending a null probe request
C. sending a null association request
D. listening for access point probe response frames that contain available wireless networks
Q276. Which statement is true about IKEv2 and IKEv1?
A. IKEv2 can be configured to use EAP, but IKEv1 cannot.
B. IKEv2 can be configured to use AES encryption, but IKEv1 cannot.
C. IKEv2 can be configured to interoperate with IKEv1 on the other end.
D. IKEv2 consumes more bandwidth than IKEv1.
Validated examcollection 350-018:
Q277. Which layer of the OSI model is referenced when utilizing http inspection on the Cisco ASA to filter Instant Messaging or Peer to Peer networks with the Modular Policy Framework?
A. application layer
B. presentation layer
C. network layer
D. transport layer
Q278. Which domain is used for a reverse lookup of IPv4 addresses?
Q279. Which three statements are true regarding the EIGRP update message? (Choose three.)
A. Updates require an acknowledgement with an ACK message.
B. Updates can be sent to the multicast address 126.96.36.199.
C. Updates are sent as unicasts when they are retransmitted.
D. Updates always include all routes known by the router with partial updates sent in the Reply message.
E. ACKs for updates are handled by TCP mechanisms.
Q280. Which configuration option will correctly process network authentication and authorization using both 802.1X and MAB on a single port?
A. Option A
B. Option B
C. Option C
D. Option D