The Improved Guide To 350-701 Practice Exam

NEW QUESTION 1
In which cloud services model is the tenant responsible for virtual machine OS patching?

• A. IaaS
• B. UCaaS
• C. PaaS
• D. SaaS

Answer: A

Explanation:
Reference: https://www.cmswire.com/cms/information-management/cloud-service-models-iaas-saas-paas-how-microsoft-office-365-azure-fit-in-021672.php

NEW QUESTION 2
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services Engine? (Choose two.)

• A. RADIUS
• B. TACACS+
• C. DHCP
• D. sFlow
• E. SMTP

Answer: AC

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_prof_pol.html

NEW QUESTION 3
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

• A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
• B. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
• C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
• D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
• E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.

Answer: AC

NEW QUESTION 4
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

• A. To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
• B. A sysopt command can be used to enable NSEL on a specific interface.
• C. NSEL can be used without a collector configured.
• D. A flow-export event type must be defined under a policy.

Answer: D

NEW QUESTION 5
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?

• A. smurf
• B. distributed denial of service
• C. cross-site scripting
• D. rootkit exploit

Answer: C

NEW QUESTION 6
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.)

• A. blocked ports
• B. simple custom detections
• C. command and control
• D. allowed applications
• E. URL

Answer: BD

Explanation:
Reference: https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf chapter 2

NEW QUESTION 7
Which benefit does endpoint security provide the overall security posture of an organization?

• A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.
• B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.
• C. It allows the organization to detect and respond to threats at the edge of the network.
• D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.

Answer: D

NEW QUESTION 8
What is a characteristic of Dynamic ARP Inspection?

• A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.
• B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted.
• C. DAI associates a trust state with each switch.
• D. DAI intercepts all ARP requests and responses on trusted ports only.

Answer: A

NEW QUESTION 9
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

• A. correlation
• B. intrusion
• C. access control
• D. network discovery

Answer: D

NEW QUESTION 10
Which API is used for Content Security?

• A. NX-OS API
• B. IOS XR API
• C. OpenVuln API
• D. AsyncOS API

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma12-0/api/b_SMA_API_12/test_chapter_01.html

NEW QUESTION 11
Which two capabilities does TAXII support? (Choose two.)

• A. exchange
• B. pull messaging
• C. binding
• D. correlation
• E. mitigating

Answer: BC

NEW QUESTION 12
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the ASA be added on the Cisco UC Manager platform?

• A. Certificate Trust List
• B. Endpoint Trust List
• C. Enterprise Proxy Service
• D. Secured Collaboration Proxy

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/special/unified-communications/guide/unified-comm/unified-comm-tlsproxy.html

NEW QUESTION 13
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)

• A. data exfiltration
• B. command and control communication
• C. intelligent proxy
• D. snort
• E. URL categorization

Answer: AB

Explanation:
Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cognitive-threat-analytics/at-a-glance-c45-736555.pdf

NEW QUESTION 14
What is the primary role of the Cisco Email Security Appliance?

• A. Mail Submission Agent
• B. Mail Transfer Agent
• C. Mail Delivery Agent
• D. Mail User Agent

Answer: B

NEW QUESTION 15
Which attack is commonly associated with C and C++ programming languages?

• A. cross-site scripting
• B. water holing
• C. DDoS
• D. buffer overflow

Answer: D

Explanation:
Reference: https://en.wikipedia.org/wiki/Buffer_overflow

NEW QUESTION 16
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

• A. PaaS
• B. XaaS
• C. IaaS
• D. SaaS

Answer: A

NEW QUESTION 17
On which part of the IT environment does DevSecOps focus?

• A. application development
• B. wireless network
• C. data center
• D. perimeter network

Answer: A

NEW QUESTION 18
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?

• A. IP Blacklist Center
• B. File Reputation Center
• C. AMP Reputation Center
• D. IP and Domain Reputation Center

Answer: D

NEW QUESTION 19
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.)

• A. DDoS
• B. antispam
• C. antivirus
• D. encryption
• E. DLP

Answer: DE

Explanation:
Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf

NEW QUESTION 20
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

• A. multiple context mode
• B. user deployment of Layer 3 networks
• C. IPv6
• D. clustering

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96-qsg/asav-aws.html

NEW QUESTION 21
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?

• A. It tracks flow-create, flow-teardown, and flow-denied events.
• B. It provides stateless IP flow tracking that exports all records of a specific flow.
• C. It tracks the flow continuously and provides updates every 10 seconds.
• D. Its events match all traffic classes in parallel.

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-general-cli/monitor-nsel.html

NEW QUESTION 22
What provides visibility and awareness into what is currently occurring on the network?

• A. CMX
• B. WMI
• C. Prime Infrastructure
• D. Telemetry

Answer: C

NEW QUESTION 23
......