It is impossible to pass Cisco 350-018 exam without any help in the short term. Come to Exambible soon and find the most advanced, correct and guaranteed Cisco 350-018 practice questions. You will get a surprising result by our Replace CCIE Pre-Qualification Test for Security practice guides.

2021 Dec 350-018 ccie security exam:

Q141. Which statement best describes a key difference in IPv6 fragmentation support compared to IPv4? 

A. In IPv6, IP fragmentation is no longer needed because all Internet links must have an IP MTU of 1280 bytes or greater. 

B. In IPv6, PMTUD is no longer performed by the source node of an IP packet. 

C. In IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD and send packets equal to or smaller than the minimum discovered path MTU. 

D. In IPv6, PMTUD is no longer performed by any node since the don't fragment flag is removed from the IPv6 header. 

E. In IPv6, IP fragmentation is performed only by the source node of a large packet, and not by any other devices in the data path. 

Answer:


Q142. Which option is used to collect wireless traffic passively, for the purposes of eavesdropping or information gathering? 

A. network taps 

B. repeater Access Points 

C. wireless sniffers 

D. intrusion prevention systems 

Answer:


Q143. Which multicast routing mechanism is optimal to support many-to-many multicast applications? 

A. PIM-SM 

B. MOSPF 

C. DVMRP 

D. BIDIR-PIM 

E. MSDP 

Answer:


Q144. Refer to the exhibit. 

What is the reason for the failure of the DMVPN session between R1 and R2? 

A. tunnel mode mismatch 

B. IPsec phase-1 configuration missing peer address on R2 

C. IPsec phase-1 policy mismatch 

D. IPsec phase-2 policy mismatch 

E. incorrect tunnel source interface on R1 

Answer:


Q145. Which two statements describe GRE? (Choose two.) 

A. GRE acts as passenger protocol for a Layer 3 transport protocol. 

B. GRE acts as a tunneling protocol and encapsulates other protocols. 

C. GRE provides data confidentiality. 

D. Packet MTU must be adjusted to accommodate GRE overhead. 

E. GRE does not allow multicast to be sent across the tunnel. 

F. The GRE tunnel interface remains down until it can see the remote tunnel end. 

Answer: BD 


Update ensurepass 350-018:

Q146. In RFC 4034, DNSSEC introduced which four new resource record types? (Choose four.) 

A. DNS Public Key (DNSKEY) 

B. Next Secure (NSEC) 

C. Resource Record Signature (RRSIG) 

D. Delegation Signer (DS) 

E. Top Level Domain (TLD) 

F. Zone Signing Key (ZSK) 

Answer: ABCD 


Q147. In an 802.11 WLAN, which option is the Layer 2 identifier of a basic service set, and also is typically the MAC address of the radio of the access point? 

A. BSSID 

B. SSID 

C. VBSSID 

D. MBSSID 

Answer:


Q148. Which three nonproprietary EAP methods do not require the use of a client-side certificate for mutual authentication? (Choose three.) 

A. LEAP 

B. EAP-TLS 

C. PEAP 

D. EAP-TTLS 

E. EAP-FAST 

Answer: CDE 


Q149. Which IPv6 tunnel type is a standard that is defined in RFC 4214? 

A. ISATAP 

B. 6to4 

C. GREv6 

D. manually configured 

Answer:


Q150. Which three statements about triple DES are true? (Choose three.) 

A. For 3DES, ANSI X9.52 describes three options for the selection of the keys in a bundle, where all keys are independent. 

B. A 3DES key bundle is 192 bits long. 

C. A 3DES keyspace is168 bits. 

D. CBC, 64-bit CFB, OFB, and CTR are modes of 3DES. 

E. 3DES involves encrypting a 64-bit block of plaintext with the 3 keys of the key bundle. 

Answer: BCD