Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.

2021 Jun 350-018 Study Guide Questions:

Q101. According to OWASP guidelines, what is the recommended method to prevent cross-site request forgery? 

A. Allow only POST requests. 

B. Mark all cookies as HTTP only. 

C. Use per-session challenge tokens in links within your web application. 

D. Always use the "secure" attribute for cookies. 

E. Require strong passwords. 

Answer: C 

Q102. Which three configuration components are required to implement QoS policies on Cisco routers using MQC? (Choose three.) 

A. class-map 

B. global-policy 

C. policy-map 

D. service-policy 

E. inspect-map 

Answer: ACD 

Q103. Which ICMP message type code indicates fragment reassembly time exceeded? 

A. Type 4, Code 0 

B. Type 11, Code 0 

C. Type 11, Code 1 

D. Type 12, Code 2 

Answer: C 

350-018  brain dumps

Up to date cisco 350-018 exam:

Q104. Which statement about VLAN is true? 

A. VLAN cannot be routed. 

B. VLANs 1006 through.4094 are not propagated by VTP. 

C. VLAN1 is a Cisco default VLAN that can be deleted. 

D. The extended-range VLANs cannot be configured in global configuration mode. 

Answer: B 

Q105. Which two statements about DHCP are true? (Choose two.) 

A. DHCP uses TCP port 67. 

B. DHCP uses UDP ports 67 and 68. 

C. The DHCPDiscover packet has a multicast address of 

D. DHCPRequest is a broadcast message. 

E. The DHCPOffer packet is sent from the DHCP server. 

Answer: BE 

Q106. Refer to the exhibit. 

Which three statements correctly describe the configuration? (Choose three). 

A. The tunnel.is not providing peer authentication 

B. The tunnel encapsulates multicast traffic. 

C. This is a point-to-point GRE tunnel. 

D. The configuration is on the NHS. 

E. The configuration is on the NHC. 

F. The tunnel provides data confidentiality. 

G. The tunnel IP address represents the NBMA address. 

Answer: BDF 


Accurate 350-018 v4:

Q107. Which two OSPF network types support the concept of a designated router? (Choose two.) 

A. broadcast 


C. point-to-multipoint 

D. point-to-multipoint nonbroadcast 

E. loopback 

Answer: AB 

Q108. Which three statements about the Cisco IPS sensor are true? (Choose three.) 

A. You cannot pair a VLAN with itself. 

B. For a given sensing interface, an interface used in a VLAN pair can be a member of another inline interface pair. 

C. For a given sensing interface, a VLAN can be a member of only one inline VLAN pair, however, a given VLAN can be a member of an inline VLAN pair on more than one sensing interface. 

D. The order in which you specify the VLANs in a inline pair is significant. 

E. A sensing interface in inline VLAN pair mode can have from 1 to 255 inline VLAN pairs. 

Answer: ACE 

Q109. What is the purpose of the SPI field in an IPsec packet? 

A. identifies a transmission channel 

B. provides anti-replay protection 

C. ensures data integrity 

D. contains a shared session key 

Answer: A 

Q110. A router has four interfaces addressed as,,, and What is the smallest summary route that can be advertised covering these four subnets? 





Answer: C