Worldwide:
Change

350-018, Cisco CCIE 350-018 Exam

Home >> Cisco >> CCIE >> 350-018

350-018 Exam

Cisco 350-018 exam
  • Questions and Answers
  • 199 Q&As
  • Update time
  • March 14th,2010
  • Software Price
  • $145 $100

loading loading

download pdf demo

+ add to wishlist

Product Description

Exam Number/Code: 350-018

Exam name: CCIE Pre-Qualification Test for Security

Cisco 350-018 Practice Exams
350-018 Exam Intro:
Cisco Certified Internetwork Expert Security - CCIE
Passing Score: Marks range from 300-1000 (passing score changes every time)
Number of Questions: 90-110 Questions in 120 minutes

Network security is one thing that has is being rapidly updated and advanced with each passing second. People data is really important and people don’t want to lose it. Hence the security with in a network and outside it is essential. Hence the job of CCIE in network security becomes more important, and so does the demands of this certification.

Exam 350-018: Cisco Certified Network Associate (CCNA): counts as credit toward the following certification:

Cisco Certified Internetwork Expert Security (CCIE)

The user has to give the written exam and upon passing that he is to give the lab test with in a period of 18 months. The components required for written exam are written below as for the lab exam, first comes the firewalls, then VPN and finally implementing security, maintaining it and make sure to dismantle any threat that comes. As this is the last level in the network security, deep understanding of all the previous certifications is required.

Exambible 350-018 Exam Topics:

  • General Networking
  • Security Protocols, Ciphers and Hash Algorithms
  • Application Protocols
  • Security Technologies 
  • Cisco Security Appliances and Applications  
  • Cisco Security Management
  • Cisco Security General 
  • Security Solutions
  • Security General 

More Cisco CCIE Resources

Recommended Cisco exams

  • Cisco 642-566 exam: Security Solutions for Systems Engineers Exam
  • Cisco 642-961 exam: Cisco Data Center Networking Infrastructure Solutions design
  • Cisco 642-061 exam: Routing and Switching Solutions for System Engineers
  • Cisco 642-587 exam: Advanced Wireless LAN for Field Engineers
  • Cisco 650-251 exam: LCSAUC Cisco Lifecycle Services Advanced IP Communications
  • Cisco 650-621 exam: LCSAWALAN Cisco Lifecycle Services Advanced Wireless
  • Cisco 350-027 exam: CCIE Written: Metro Ethernet
  • Cisco 642-112 exam: Converged Business
  • Cisco 642-631 exam: Advanced Wireless LAN for Field Engineers
  • Cisco 642-731 exam: Conducting Cisco Unified Wireless Site Survey
  • Cisco 350-030 exam: CCIE Voice Written
  • Cisco 644-141 exam: IP Communications CallManager Express Exam (CME)

Cisco CCIE 350-018 Web Demo

This webdemo is just a demo data, only for reference and learning, there is no other purposes.

1. Which two of the following statements describe why TACACS+ is more desirable from a security standpoint than RADIUS? (Choose two.)
A. It uses UDP as its transport.
B. It uses TCP as its transport.
C. It encrypts the password field with a unique key between server and requester.
D. Encrypting the whole data payload is optional.
E. Authentication and authorization are combined into a single query for robustness.
Answer: BD


2.Which two of the following statements are attributed to stateless filtering? (Choose two.)
A. The first TCP packet in a flow must be a SYN packet.
B. It must process every packet against the inbound ACL filter.
C. It can look at sequence numbers to validate packets in flow.
D. It must implement an idle timeout.
E. It can be used in asymmetrical traffic flows.
Answer: BE

3. Which three of these statements describe how DNSSEC prevents DNS cache poisoning attacks from succeeding? (Choose three.)
A. DNSSEC encrypts all records with domain-specific keys.
B. DNSSEC eliminates caching and forces all answers to be authoritative.
C. DNSSEC introduces KEY records that hold domain-specific public keys.
D. DNSSEC deprecates CNAME records and replaces them with DS records.
E. DNSSEC utilizes DS records to establish a trusted hierarchy of zones.
F. DNSSEC signs all records with domain-specific keys.
Answer: CEF

4. Which three of the following are attributes of the RADIUS protocol? (Choose three.)
A. encrypts the password
B. hashes the password
C. uses UDP as the transport
D. uses TCP as the transport
E. combines authentication and authorization in a single request
F. commonly used to implement command authorization
Answer: BCE

5. In regards to private address space, which three of the following statements are true? (Choose three.)
A. Private address space is defined in RFC 1918.
B. These IP addresses are considered private:
10.0.0.0
172.15.0.0
192.168.0.0
C. Private address space is not supposed to be routed over the Internet.
D. 127.0.0.1 is also considered part of private address space, according to the RFC.
E. Using only private address space and NAT to the Internet is not considered as secure as having a stateful firewall.
Answer: ACE

6. When using Cisco SDM to manage a Cisco IOS device, what configuration statements are necessary to be able to use Cisco SDM?
A. ip http server
B. ip http secure-server
C. ip http server
sdm location X.X.X.X
D. ip http secure-server
sdm location X.X.X.X
E. ip http server
ip http secure-server
Answer: A

7. When initiating a new SSL/TLS session, the client receives the server SSL certificate and validates it. What does the client use the certificate for after validating it?
A. The client and server use the key in the certificate to encrypt all data in the following SSL session.
B. The server creates a separate session key and sends it to the client. The client has to decrypt the session key using the server public key from the certificate.
C. The client creates a separate session key and encrypts it with the server public key from the certificate before sending it to the server.
D. Nothing, the client and server switch to symmetric encryption using IKE to exchange keys.
E. The client generates a random string, encrypts it with the server public key from the certificate, and sends it to the server. Both the client and server derive the session key from the random data sent by the client.
Answer: E

8. A firewall administrator received this syslog message from his adaptive security appliance. What can the firewall administrator infer from the message?
A. The server at 209.165.201.10 is under a smurf attack.
B. The server at 10.1.1.20 is under a SYN attack.
C. The client at 209.165.201.10 has been infected with a virus.
D. The server at 10.1.1.20 is under a smurf attack.
Answer: B


Cisco 350-018

The Cisco Certified Internetwork Expert (CCIE) is the ultimate achievement in Cisco certification. This is the highest certification available by Cisco, and is recognized worldwide as the most prominent certification in the technical networking industry.
Network security is one thing that has is being rapidly updated and advanced with each passing second. People data is really important and people don’t want to lose it. Hence the security with in a network and outside it is essential. Hence the job of CCIE in network security becomes more important, and so does the demands of this certification.
Exambible released the newest 350-018 exam questions. The study guide of 350-018 is available now. Professionals in Exambible never feel satisfied with the achievement. We keep on trying to provide the latest resources in the highest quality.350-018 can be a challenging exam,experts are producting precise verified explanations using their rich industry experience to make sure your pass, your master, otherwise you can get your money back or take the exam again definately free and one more exam whenever yuo want to take Cisco.
Exambible 350-018 Exam Topics:
*Routing and Switching
*Security
*Service Provider
*Storage Networking
*Voice
*Wireless
Maintenance of a CCIE certification requires completion of either a CCDE or CCIE written exam. The exam must be taken within a two year timeframe immediately following the current deadline for recertification. Extension of active Professional, Associate, Expert, and Specialist certifications is automatic with an active CCDE or CCIE certification.
Web Demo
1. Which two of the following statements are attributed to stateless filtering? (Choose two.)
A. The first TCP packet in a flow must be a SYN packet.
B. It must process every packet against the inbound ACL filter.
C. It can look at sequence numbers to validate packets in flow.
D. It must implement an idle timeout.
E. It can be used in asymmetrical traffic flows.
Answer: B E
2. Which three of the following are attributes of the RADIUS protocol? (Choose three.)
A. encrypts the password
B. hashes the password
C. uses UDP as the transport
D. uses TCP as the transport
E. combines authentication and authorization in a single request
F. commonly used to implement command authorization
Answer: B C E
3. Which two of the following commands are required to implement a Cisco Catalyst 6500 Series FWSM? (Choose two.)
A. firewall multiple-vlan-interfaces
B. firewall module x vlan-group y
C. module x secure-traffic
D. firewall vlan-group
E. firewall module x secure-traffic
Answer: B D

Search Help:
350 018 actualtest, 350 018 braindump, 350 018 brain dump, 350 018 braindumps, 350 018 cisco, 350 018 ccie, ccie 350 018 free questions, 350 018 lab, 350 018 questions, 350 018 study guide, 350 018 security, 350 018 testking, ccie 350 018 testking, 350 018 v2, 350 018 practice exam, 350 018 testking, ccie 350 018, 350 018 braindump, cisco 350 018, testking 350 018,

Cisco 350-018 Search Help
Feel free to use search terms below while searching the Net for 350-018 exam:

Vendors Included

+ View All Vendors

Hot Exams

Latest update Exams

Copyright &copy 1998 - 2009 Exambible Ltd. All Rights Reserved.

Back to the top ↑
Exambible materials do not contain actual questions and answers from Microsoft's Certification Exams.