The Improved Guide To 350-701 Practice Exam
Passleader offers free demo for 350-701 exam. "Implementing and Operating Cisco Security Core Technologies", also known as 350-701 exam, is a Cisco Certification. This set of posts, Passing the Cisco 350-701 exam, will help you answer those questions. The 350-701 Questions & Answers covers all the knowledge points of the real exam. 100% real Cisco 350-701 exams and revised by experts!
Check 350-701 free dumps before getting the full version:
NEW QUESTION 1
In which cloud services model is the tenant responsible for virtual machine OS patching?
- A. IaaS
- B. UCaaS
- C. PaaS
- D. SaaS
NEW QUESTION 2
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services Engine? (Choose two.)
- A. RADIUS
- B. TACACS+
- C. DHCP
- D. sFlow
- E. SMTP
NEW QUESTION 3
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)
- A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
- B. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
- C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
- D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
- E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.
NEW QUESTION 4
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?
- A. To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
- B. A sysopt command can be used to enable NSEL on a specific interface.
- C. NSEL can be used without a collector configured.
- D. A flow-export event type must be defined under a policy.
NEW QUESTION 5
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
- A. smurf
- B. distributed denial of service
- C. cross-site scripting
- D. rootkit exploit
NEW QUESTION 6
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.)
- A. blocked ports
- B. simple custom detections
- C. command and control
- D. allowed applications
- E. URL
Reference: https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf chapter 2
NEW QUESTION 7
Which benefit does endpoint security provide the overall security posture of an organization?
- A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.
- B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.
- C. It allows the organization to detect and respond to threats at the edge of the network.
- D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.
NEW QUESTION 8
What is a characteristic of Dynamic ARP Inspection?
- A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.
- B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted.
- C. DAI associates a trust state with each switch.
- D. DAI intercepts all ARP requests and responses on trusted ports only.
NEW QUESTION 9
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?
- A. correlation
- B. intrusion
- C. access control
- D. network discovery
NEW QUESTION 10
Which API is used for Content Security?
- A. NX-OS API
- B. IOS XR API
- C. OpenVuln API
- D. AsyncOS API
NEW QUESTION 11
Which two capabilities does TAXII support? (Choose two.)
- A. exchange
- B. pull messaging
- C. binding
- D. correlation
- E. mitigating
NEW QUESTION 12
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the ASA be added on the Cisco UC Manager platform?
- A. Certificate Trust List
- B. Endpoint Trust List
- C. Enterprise Proxy Service
- D. Secured Collaboration Proxy
NEW QUESTION 13
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)
- A. data exfiltration
- B. command and control communication
- C. intelligent proxy
- D. snort
- E. URL categorization
NEW QUESTION 14
What is the primary role of the Cisco Email Security Appliance?
- A. Mail Submission Agent
- B. Mail Transfer Agent
- C. Mail Delivery Agent
- D. Mail User Agent
NEW QUESTION 15
Which attack is commonly associated with C and C++ programming languages?
- A. cross-site scripting
- B. water holing
- C. DDoS
- D. buffer overflow
NEW QUESTION 16
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?
- A. PaaS
- B. XaaS
- C. IaaS
- D. SaaS
NEW QUESTION 17
On which part of the IT environment does DevSecOps focus?
- A. application development
- B. wireless network
- C. data center
- D. perimeter network
NEW QUESTION 18
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?
- A. IP Blacklist Center
- B. File Reputation Center
- C. AMP Reputation Center
- D. IP and Domain Reputation Center
NEW QUESTION 19
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.)
- A. DDoS
- B. antispam
- C. antivirus
- D. encryption
- E. DLP
NEW QUESTION 20
Which feature is supported when deploying Cisco ASAv within AWS public cloud?
- A. multiple context mode
- B. user deployment of Layer 3 networks
- C. IPv6
- D. clustering
NEW QUESTION 21
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?
- A. It tracks flow-create, flow-teardown, and flow-denied events.
- B. It provides stateless IP flow tracking that exports all records of a specific flow.
- C. It tracks the flow continuously and provides updates every 10 seconds.
- D. Its events match all traffic classes in parallel.
NEW QUESTION 22
What provides visibility and awareness into what is currently occurring on the network?
- A. CMX
- B. WMI
- C. Prime Infrastructure
- D. Telemetry
NEW QUESTION 23
P.S. Easily pass 350-701 Exam with 102 Q&As DumpSolutions.com Dumps & pdf Version, Welcome to Download the Newest DumpSolutions.com 350-701 Dumps: https://www.dumpsolutions.com/350-701-dumps/ (102 New Questions)