★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 350-018 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/350-018-dumps.html
Exam Code: 350-018 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Pre-Qualification Test for Security
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 350-018 Exam.
2021 Aug 350-018 questions & answers:
Q111. Which of the following describes the DHCP "starvation" attack?
A. Exhaust the address space available on the DHCP servers so that an attacker can inject their own DHCP server for malicious reasons.
B. Saturate the network with DHCP requests to prevent other network services from working.
C. Inject a DHCP server on the network for the purpose of overflowing DNS servers with bogus learned host names.
D. Send DHCP response packets for the purpose of overloading CAM tables.
Answer: A
Q112. A router has four interfaces addressed as 10.1.1.1/24, 10.1.2.1/24, 10.1.3.1/24, and 10.1.4.1/24. What is the smallest summary route that can be advertised covering these four subnets?
A. 10.1.2.0/22
B. 10.1.0.0/22
C. 10.1.0.0/21
D. 10.1.0.0/16
Answer: C
Q113. Which statement best describes the concepts of rootkits and privilege escalation?
A. Rootkits propagate themselves.
B. Privilege escalation is the result of a rootkit.
C. Rootkits are a result of a privilege escalation.
D. Both of these require a TCP port to gain access.
Answer: B
Q114. What is the size of a point-to-point GRE header, and what is the protocol number at the IP layer?
A. 8 bytes, and protocol number 74
B. 4 bytes, and protocol number 47
C. 2 bytes, and protocol number 71
D. 24 bytes, and protocol number 1
E. 8 bytes, and protocol number 47
Answer: B
Q115. Refer to the exhibit.
What type of attack is being mitigated on the Cisco ASA appliance?
A. HTTPS certificate man-in-the-middle attack
B. HTTP distributed denial of service attack
C. HTTP Shockwave Flash exploit
D. HTTP SQL injection attack
Answer: D
Latest 350-018 exam fee:
Q116. Which IPv6 routing protocol can use IPv6 ESP and AH to provide integrity, authentication, and confidentiality services to protect the routing information exchange between the adjacent routing neighbors?
A. RIPng
B. EIGRPv6
C. BGP-4
D. IS-IS
E. OSPFv6
Answer: E
Q117. Which type of PVLAN ports can communicate among themselves and with the promiscuous port?
A. isolated
B. community
C. primary
D. secondary
E. protected
Answer: B
Q118. Refer to the exhibit.
Which three statements correctly describe the configuration? (Choose three).
A. The tunnel.is not providing peer authentication
B. The tunnel encapsulates multicast traffic.
C. This is a point-to-point GRE tunnel.
D. The configuration is on the NHS.
E. The configuration is on the NHC.
F. The tunnel provides data confidentiality.
G. The tunnel IP address represents the NBMA address.
Answer: BDF
Q119. Which NTP stratum level means that the clock is unsynchronized?
A. 0
B. 1
C. 8
D. 16
Answer: D
Q120. Which four techniques can you use for IP data plane security? (Choose four.)
A. Control Plane Policing
B. interface ACLs
C. uRPF
D. MD5 authentication
E. FPM
F. QoS
Answer: BCEF