Page 1

Cisco 350-018 CCIE Pre-Qualification Test for Security 10 Q&A

Version 3.0

Important Note, Please Read Carefully Other RoboCert products A) Offline Testing engine Use the offline Testing engine product topractice the questions in an exam environment. Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is revised. Free updates are available for 90 days after the purchase. You should check your member zone at RoboCert and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go 2.Click on Log in 3.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to You should include the following: Exam number, version, page number, question number, and your login Email. Our experts will answer your mail promptly. Copyright Each iPAD file is a green exe file. if we find out that a particular iPAD Viewer file is being distributed by you, RoboCert reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact

Leading the way in IT testing and certification tools,

-2- Q: 1 Which two of these Cisco Catalyst security features offer the best ways to prevent ARP cache poisoning? (Choose two.)

A. Dynamic ARP Inspection B. port security C. MAC address notification D. DHCP snooping E. PortFast F. 802.1x authentication

Answer: A, D Q: 2 What is the net effect of using ICMP type 4 messages to attack RFC 1122-compliant hosts?

A. Hosts will perform a soft TCP reset and restart the connection. B. Hosts will perform a hard TCP reset and tear down the connection. C. Hosts will reduce the rate at which they inject traffic into the network. D. Hosts will redirect packets to the IP address indicated in the ICMP type 4 message. E. Hosts will retransmit the last frame sent prior to receiving the ICMP type 4 message.

Answer: C

Leading the way in IT testing and certification tools,

-3- Q: 3 After the client opens the command channel (port 21) to the FTP server and requests passive mode, what will be the next step?

A. The FTP server sends back an ACK to the client. B. The FTP server allocates a port to use for the data channel and transmits that port number to the client. C. The FTP server opens the data channel to the client using the port number indicated by the client. D. The FTP client opens the data channel to the FTP server on port 20. E. The FTP client opens the data channel to the FTP server on port 21.

Answer: B Q: 4 In ISO 27001 ISMS, which three of these certification process phases are required to collect information for ISO 27001? (Choose three.)

A. discover B. certification audit C. post-audit D. observation E. pre-audit F. major compliance

Answer: B, C, E

Leading the way in IT testing and certification tools,

-4- Q: 5 How do TCP SYN attacks take advantage of TCP to prevent new connections from being established to a host under attack?

A. sending multiple FIN segments, forcing TCP connection release B. filling up a host listen queue by failing to ACK partially opened TCP connections C. taking advantage of the host transmit backoff algorithm by sending jam signals to the host D. incrementing the ISN of each segment by a random number, causing constant TCP retransmissions E. sending TCP RST segments in response to connection SYN+ACK segments, forcing SYN retransmissions

Answer: B Q: 6 For a router to obtain a certificate from a CA, what is the first step of the certificate enrollment process?

A. The router generates a certificate request and forwards it to the CA. B. The router generates an RSA key pair. C. The router sends its public key to the CA. D. The CA sends its public key to the router. E. The CA verifies the identity of the router. F. The CA generates a certificate request and forwards it to the router.

Answer: B

Leading the way in IT testing and certification tools,

-5- Q: 7 Which two of these commands are required to implement a Cisco Catalyst 6500 Series Firewall Services Module (FWSM) in a Catalyst 6500 running Cisco IOS? (Choose two.)

A. firewall multiple-vlan-interfaces B. firewall module vlan-group y C. module secure-traffic D. firewall vlan-group <vlan-x> E. firewall module secure-traffic

Answer: B, D Q: 8 Routing loops can occur in distance vector routing protocols if the network has inconsistent routing entries. Which three of these methods can be used to avoid them? (Choose three.)

A. split horizon B. route poisoning C. route suppression D. route splitting E. hold-down timers

Answer: A, B, E Q: 9 A bogon list (a list of reserved or unassigned IP addresses) that is applied to an access control list (ACL) can be best described as which of these? Leading the way in IT testing and certification tools,


A. content filter B. packet filter C. URL filter D. application filter E. stateful filter

Answer: B Q: 10 All of these statements about the Cisco Configuration Professional tool are correct except which one?

A. It is a GUI-based device management tool for Cisco access routers. B. It offers a one-click router lockdown feature. C. It is installed in router flash memory. D. It is free and can be downloaded from the Cisco website. E. It simplifies routing, firewall, IPS, VPN, Cisco Unified Communications, WAN, and LAN configuration using easy-to-use GUI-based wizards.

Answer: E

Leading the way in IT testing and certification tools,


robocert 350-018 Exam - CCIE Pre-Qualification Test for Security  

robocert offers Cisco 350-018 questions and answers for your CCIE Pre-Qualification Test for Security exam preparation. Download 350-018 fre...