Date: 2010-10-27 16:32 Author: pass4line Click: 13
CCIE Pre-Qualification Test for Security
Exam Number/Code : 350-018
Exam Name : CCIE Pre-Qualification Test for Security
Questions and Answers : 199 Q&As
Update Time: 2010-10-27
Exam4test 350-018 Exam Description
Cisco 350-018 exam is regarded as one of the most favourite IBM Certification. Many IT professionals prefer to add Exam 350-018 among their credentials. The certification strengthens the employment prospects and opens up myriads of opportunities for them. Exam4test not only caters you all the information regarding the Exam 350-018 but also provides you the excellent study material which makes the Cisco certification 350-018 exam easy for you.
If you want to buy the 350-018 study materials online services, then Exam4test is one of the leading websites for this purpose. Exam4test is providing the best quality and up-to-date 350-018 training materials for the preparation of the Cisco 350-018 exam tests. All the 350-018 study materials and other training products of Exam4test are cost effective and are available on the website of Exam4test with free updating facilities. All these 350-018 training products are available at the Exam4test with the money back guarantee.
To match the current real test, the technical team from Exam4test will update the Questions and Answers for any changes in time, and also we are always accepting the feedbacks about this 350-018 exam from our Exam4test users, in specialty, we will mend the 350-018 exam pool with the suggestions from those users who got full scores in this 350-018 exam, so to perfect Exam4test 350-018 exma to make it always have the best quality exams.
Exam4test is one of the most popular websites all over the world. It keeps excellent information on IT Certifications and provides the current data. It has not only thorough information on every certification but also provides you your required study material for your targeted certification. 350-018 exam is regarded as one of the most favourite IBM Certifications. Many IT professionals prefer to add 350-018 exam rapidshare among their credentials. Exam4test not only caters you all the information regarding the 350-018 exam but also provides you the excellent study material which makes the certification exam easy for you.
Exam4test 350-018 Study Materials are prepared by Industry experts and Professionals giving you the best path to success with fastest updates in line with 350-018 Certification Exam Objectives. We offer 90 days of free updates for 350-018 Exam. Our 350-018 practice exam has the ability to get you certified within no time. Once you start using our 350-018 Study Materials, you will know the difference. Within just a few hours, you will be able to pass your 350-018 Certification Exam with confidence and high scores.
Exam4test 350-018 Exam Dumps
Exam : Cisco 350-018
Title : CCIE Security Qualification Exam
1. Which two of the following statements describe why TACACS+ is more desirable from a security standpoint than RADIUS? (Choose two.)
A. It uses UDP as its transport.
B. It uses TCP as its transport.
C. It encrypts the password field with a unique key between server and requester.
D. Encrypting the whole data payload is optional.
E. Authentication and authorization are combined into a single query for robustness.
Answer: BD
2. When using Cisco SDM to manage a Cisco IOS device, what configuration statements are necessary to be able to use Cisco SDM?
A. ip http server
B. ip http secure-server
C. ip http server
sdm location X.X.X.X
D. ip http secure-server
sdm location X.X.X.X
E. ip http server
ip http secure-server
Answer: A
3. Which three of these statements describe how DNSSEC prevents DNS cache poisoning attacks from succeeding? (Choose three.)
A. DNSSEC encrypts all records with domain-specific keys.
B. DNSSEC eliminates caching and forces all answers to be authoritative.
C. DNSSEC introduces KEY records that hold domain-specific public keys.
D. DNSSEC deprecates CNAME records and replaces them with DS records.
E. DNSSEC utilizes DS records to establish a trusted hierarchy of zones.
F. DNSSEC signs all records with domain-specific keys.
Answer: CEF
4. In regards to private address space, which three of the following statements are true? (Choose three.)
A. Private address space is defined in RFC 1918.
B. These IP addresses are considered private:
10.0.0.0
172.15.0.0
192.168.0.0
C. Private address space is not supposed to be routed over the Internet.
D. 127.0.0.1 is also considered part of private address space, according to the RFC.
E. Using only private address space and NAT to the Internet is not considered as secure as having a stateful firewall.
Answer: ACE
5. When initiating a new SSL/TLS session, the client receives the server SSL certificate and validates it. What does the client use the certificate for after validating it?
A. The client and server use the key in the certificate to encrypt all data in the following SSL session.
B. The server creates a separate session key and sends it to the client. The client has to decrypt the session key using the server public key from the certificate.
C. The client creates a separate session key and encrypts it with the server public key from the certificate before sending it to the server.
D. Nothing, the client and server switch to symmetric encryption using IKE to exchange keys.
E. The client generates a random string, encrypts it with the server public key from the certificate, and sends it to the server. Both the client and server derive the session key from the random data sent by the client.
Answer: E