New Updated Cisco CCIE Security 350-018 Real Exam Download 81-90



Which of the following provides the features of route summarization, assignment of contiguous blocks of addresses, and combining routes for multiple classful networks into a single route?


A.      classless interdomain routing

B.      route summarization

C.      supernetting

D.      private IP addressing


Correct Answer: A




Aggregate global IPv6 addresses begin with which bit pattern in the first 16-bit group?


A.      000/3

B.      001/3

C.      010/2

D.      011/2


Correct Answer: B





Which layer of the OSI reference model typically deals with the physical addressing of interface cards?


A.      physical layer

B.      data-link layer

C.      network layer

D.      host layer


Correct Answer: B




Which statement best describes a key difference in IPv6 fragmentation support compared to IPv4?


A.      In IPv6, IP fragmentation is no longer needed because all Internet links must have an IP MTU of 1280 bytes or greater.

B.      In IPv6, PMTUD is no longer performed by the source node of an IP packet.

C.      In IPv6, IP fragmentation is no longer needed since all nodes must perform PMTUD and send packets equal to or smaller than the minimum discovered path MTU.

D.      In IPv6, PMTUD is no longer performed by any node since the don’t fragment flag is removed from the IPv6 header.

E.       In IPv6, IP fragmentation is performed only by the source node of a large packet, and not by any other devices in the data path.


Correct Answer: E




Refer to the exhibit. It shows the format of an IPv6 Router Advertisement packet. If the Router Lifetime value is set to 0, what does that mean?




A.      The router that is sending the RA is not the default router.

B.      The router that is sending the RA is the default router.

C.      The router that is sending the RA will never power down.

D.      The router that is sending the RA is the NTP master.

E.       The router that is sending the RA is a certificate authority.

F.       The router that is sending the RA has its time synchronized to an NTP source.


Correct Answer: A




If a host receives a TCP packet with an SEQ number of 1234, an ACK number of 5678, and a length of 1000 bytes, what will it send in reply?


A.      a TCP packet with SEQ number: 6678, and ACK number: 1234

B.      a TCP packet with SEQ number: 2234, and ACK number: 5678

C.      a TCP packet with SEQ number: 1234, and ACK number: 2234

D.      a TCP packet with SEQ number: 5678, and ACK number 2234


Correct Answer: D




A network administrator uses a LAN analyzer to troubleshoot OSPF router exchange messages sent to all OSPF routers. To which one of these MAC addresses are these messages sent?


A.      00-00-1C-EF-00-00

B.      01-00-5E-00-00-05

C.      01-00-5E-EF-00-00

D.      EF-FF-FF-00-00-05

E.       EF-00-00-FF-FF-FF

F.       FF-FF-FF-FF-FF-FF


Correct Answer: B




Which option correctly describes the security enhancement added for OSPFv3?


A.      The AuType field in OSPFv3 now supports the more secure SHA-1 and SHA-2 algorithms in addition to MD5.

B.      The AuType field is removed from the OSPFv3 header since simple password authentication is no longer an option.

C.      The Authentication field in OSPFv3 is increased from 64 bits to 128 bits to accommodate more secure authentication algorithms.

D.      Both the AuType and Authentication fields are removed from the OSPF header in OSPFv3, since now it relies on the IPv6 Authentication Header (AH) and IPv6 Encapsulating Security Payload (ESP) to provide integrity, authentication, and/or confidentiality.

E.       The Authentication field is removed from the OSPF header in OSPFv3, because OSPFv3 must only run inside of an authenticated IPSec tunnel.


Correct Answer: D




Which IPv6 tunnel type is a standard that is defined in RFC 4214?


A.      ISATAP

B.      6to4

C.      GREv6

D.      manually configured


Correct Answer: A




What IP protocol number is used in the protocol field of an IPv4 header, when IPv4 is used to tunnel IPv6 packets?


A.      6

B.      27

C.      41

D.      47

E.       51


Correct Answer: C


Download Latest Complete collection of 350-018 Real Q&As ,help you to pass exam 100%.

Download FREE Ensurepass CCIE Security 350-018 Demo and Get the Discount Code
Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCIE ExamS Questions and Answers

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.