현재 경쟁율이 심한 IT시대에  CCIE 351-018 (CCIE Security Qualification)  자격증 취득만으로  경쟁이 심한 사회에서 자신만의 위치를 보장할수 있고 더욱이는 한층 업 된 삶을 누릴수 있을수도 있습니다. Pass4Test에는 아주 엘리트한 전문가들로 구성된 팀입니다.   Pass4Test 는 아주 정확하게 또한 아주 신속히  CCIE 351-018 (CCIE Security Qualification)  관한 자료를 제공하며, 업데이트 될 경우 또한 아주 빠르게 뉴 버전을 여러분한테 보내드립니다. Pass4Test는 관련 업계에서도 우리만의 브랜드 이미지를 지니고 있으며 많은 고객들의 찬사를 받았습니다. Pass4Test 에서 여러분은  CCIE 351-018 (CCIE Security Qualification)  관련 공부가이드를 얻을 수 있습니다. Pass4Test는 IT업계엘리트 한 강사들이 퍼펙트한  CCIE 351-018 (CCIE Security Qualification)  문제집을 만들어서 제공합니다.

 

Pass4Test 에서 제공하는  CCIE 351-018 (CCIE Security Qualification)  문제와 답으로 여러분은 한번에 성공적으로 시험을 패스 할수 있습니다.  CCIE 351-018 (CCIE Security Qualification)  인증시험 패스는 아주 어렵습니다.하지만 Pass4Test의 자료로 충분히 시험 패스할 수 있습니다.만약 Pass4Test 선택여부에 대하여 망설이게 된다면 여러분은 우선 우리 Pass4Test 사이트에서 제공하는  CCIE 351-018 (CCIE Security Qualification)  관련 자료의 일부분 문제와 답 등 샘플을 무료로 다운받아 체험해볼 수 있습니다. 체험 후  Pass4Test에 신뢰감을 느끼게 됩니다. Pass4Test는 여러분이 안전하게  CCIE 351-018 (CCIE Security Qualification)  시험을 패스할 수 있는 최고의 선택입니다. Pass4Test을 선택함으로써 여러분은 성공도 선택한것이라고 볼수 있습니다.Pass4Test 문제집을 선택함으로 여러분의 시간도 절약해드리고 무엇보다도 많은 근심없이 심플하게 시험을 패스하여 좋다는 점입니다.

 

NO.1 The ARP functionality in IPv4 is accomplished using which type of messages, as defined in ICMPv6?
A. router solicitation and advertisement
B. neighbor solicitation and advertisement
C. redirect
D. neighbor solicitation and router advertisement
E. router solicitation and neighbor advertisement
Answer: B

NO.2 Refer to the exhibit.
Switch SW2 has just been added to Fa0/23 on SW1. After a few seconds, interface Fa0/23 on SW1 is
placed in the error-disabled state. SW2 is removed from port 0/23 and inserted into SW1 port Fa0/22 with
the same result. What is the most likely cause of this problem?
A. The spanning-tree PortFast feature has been configured on SW1.
B. BPDU filtering has been enabled either globally or on the interfaces of SW1.
C. The BPDU guard feature has been enabled on the Fast Ethernet interfaces of SW1.
D. The Fast Ethernet interfaces of SW1 are unable to autonegotiate speed and duplex with SW2.
E. PAgP is unable to correctly negotiate VLAN trunk characteristics on the link between SWI and SW2.
Answer: C

NO.3 Which of these best represents a typical attack that takes advantage of RFC 792, ICMP type 3
messages?
A. blind connection-reset
B. large packet echo request
C. packet fragmentation offset
D. broadcast-based echo request
E. excessive bandwidth consumption
Answer: A

NO.4 ASDM on the Cisco ASA adaptive security appliance platform is executed as which of the following?
A. an ActiveX application or a JavaScript application
B. a JavaScript application and a PHP application
C. a fully compiled .Net Framework application
D. a fully operational Visual Basic application
E. a Java applet or a standalone application using the Java Runtime Environment
Answer: E

NO.5 Which of these statements best describes the advantage of using Cisco Secure Desktop, which is part
of the Cisco ASA VPN solution?
A. Cisco Secure Desktop creates a separate computing environment that is deleted when you finish,
ensuring that no confidential data is left on the shared or public computer.
B. Cisco Secure Desktop is used to protect access to your registry and system files when browsing to
SSL VPN protected pages.
C. Cisco Secure Desktop ensures that an SSL protected password cannot be exploited by a man-
in-the-middle attack using a spoofed certificate
D. Cisco Secure Desktop hardens the operating system of the machines you are using at the time it is
launched.
Answer: A

NO.6 In the example shown, Host A has attempted a DCOM attack using Metasploit from Host A to Host
Which three statements best describe how event logs and IPS alerts can be used in conjunction with each
other to determine if the attack was successful? (Choose three.)
A. Cisco Security MARS will collect the syslog and the IPS alerts based on time.
B. The IPS event will suggest that an attack may have occurred because a signature was triggered.
C. IPS and Cisco ASA adaptive security appliance will use the Unified Threat Management protocol to
determine that both devices saw the attack
D. Cisco ASA adaptive security appliance will see the attack in both directions and will be able to
determine if an attack was successful.
E. The syslog event will indicate that an attack is likely because a TCP SYN and an ACK followed the
attempted attack.
Answer: ABE

NO.7 After the client opens the command channel (port 21) to the FTP server and requests passive mode,
what will be the next step?
A. The FTP server sends back an ACK to the client.
B. The FTP server allocates a port to use for the data channel and transmits that port number to the client.
C. The FTP server opens the data channel to the client using the port number indicated by the client.
D. The FTP client opens the data channel to the FTP server on port 20.
E. The FTP client opens the data channel to the FTP server on port 21.
Answer: B

NO.8 Which one of the following is not a valid RADIUS packet type.?
A. access-reject
B. access-response
C. access-challenge
D. access-reply
E. access-accept
Answer: B

NO.9 How does using DHCP Option 82 on a Cisco Wireless LAN Controller make a network more secure?
A. by preventing rogue DHCP servers from returning unauthorized addresses
B. by ensuring that DHCP addresses are parity-checked before being issued
C. by ensuring that clients receive proper routing information as part of their DHCP responses
D. by preventing DHCP address requests from untrusted relay agents
E. by adding fully qualified domain information that the client can use for SSL authentication
Answer: D

NO.10 Which three of these protocols are supported when using TACACS+? (Choose three.)
A. AppleTalk
B. CHAP
C. NASI
D. NetBIOS
E. Kerberos
Answer: ACD

NO.11 Which two of these are valid TACACS+ Accounting packets? (Choose two.)
A. REQUEST
B. REPLY
C. RESPONSE
D. CONTINUE
E. START
Answer: AC

NO.12 A DNS open resolver is vulnerable to which three of these malicious activities? (Choose three.)
A. cache poisoning attack
B. amplification attack
C. Ping of Death attack
D. Resource Utilization attack
E. Blue Screen of Death
F. Nachi worm attack
Answer: ABD

NO.13 Which two of these are true about TFTP? (Choose two.)
A. TFTP includes a basic username/password authentication mechanism.
B. While "putting" files via TFTP is possible, it is good practice to disallow it, because TFTP lacks access
control mechanisms.
C. TFTP uses a very basic "stop and wait" mechanism for flow control, for which each packet needs to be
acknowledged before the next one is sent.
D. TFTP root directories need to be world-readable and -writable due to the lack of security controls in the
protocol.
E. TFTP can list remote directory contents, but only if advanced options (as defined in RFC 2347) are
negotiated between client and server at initial connection time.
Answer: BC

NO.14 Referring to the partial debug output shown in the exhibit, which of these values is contained inside the
brackets [4] in line 1?
A. RADIUS identifier field value
B. RADIUS attribute type value
C. RADIUS VSA number
D. RADIUS VSA length
E. vendor ID
Answer: B

NO.15 Refer to the exhibit.
Which three of the following statements are correct? (Choose three.)
A. The exhibit shows an example of a NAC Framework network.
B. The exhibit shows an example of a NAC Appliance network.
C. The network utilizes in-band admission control.
D. The network utilizes out-of-band admission control.
E. Cisco NAC Appliance Agent is used to verify end-user PC compliance with the security policy
F. Cisco Trust Agent is used to verify end-user PC compliance with the security policy.
Answer: BDE