The Improved Guide To 350-701 Practice Exam

Passleader offers free demo for 350-701 exam. "Implementing and Operating Cisco Security Core Technologies", also known as 350-701 exam, is a Cisco Certification. This set of posts, Passing the Cisco 350-701 exam, will help you answer those questions. The 350-701 Questions & Answers covers all the knowledge points of the real exam. 100% real Cisco 350-701 exams and revised by experts!

Check 350-701 free dumps before getting the full version:

NEW QUESTION 1
In which cloud services model is the tenant responsible for virtual machine OS patching?

  • A. IaaS
  • B. UCaaS
  • C. PaaS
  • D. SaaS

Answer: A

Explanation:
Reference: https://www.cmswire.com/cms/information-management/cloud-service-models-iaas-saas-paas-how-microsoft-office-365-azure-fit-in-021672.php

NEW QUESTION 2
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services Engine? (Choose two.)

  • A. RADIUS
  • B. TACACS+
  • C. DHCP
  • D. sFlow
  • E. SMTP

Answer: AC

Explanation:
Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_prof_pol.html

NEW QUESTION 3
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

  • A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
  • B. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
  • C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
  • D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
  • E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.

Answer: AC

NEW QUESTION 4
Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

  • A. To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
  • B. A sysopt command can be used to enable NSEL on a specific interface.
  • C. NSEL can be used without a collector configured.
  • D. A flow-export event type must be defined under a policy.

Answer: D

NEW QUESTION 5
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?

  • A. smurf
  • B. distributed denial of service
  • C. cross-site scripting
  • D. rootkit exploit

Answer: C

NEW QUESTION 6
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.)

  • A. blocked ports
  • B. simple custom detections
  • C. command and control
  • D. allowed applications
  • E. URL

Answer: BD

Explanation:
Reference: https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf chapter 2

NEW QUESTION 7
Which benefit does endpoint security provide the overall security posture of an organization?

  • A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.
  • B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.
  • C. It allows the organization to detect and respond to threats at the edge of the network.
  • D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.

Answer: D

NEW QUESTION 8
What is a characteristic of Dynamic ARP Inspection?

  • A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.
  • B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted.
  • C. DAI associates a trust state with each switch.
  • D. DAI intercepts all ARP requests and responses on trusted ports only.

Answer: A

NEW QUESTION 9
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

  • A. correlation
  • B. intrusion
  • C. access control
  • D. network discovery

Answer: D

NEW QUESTION 10
Which API is used for Content Security?

  • A. NX-OS API
  • B. IOS XR API
  • C. OpenVuln API
  • D. AsyncOS API

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma12-0/api/b_SMA_API_12/test_chapter_01.html

NEW QUESTION 11
Which two capabilities does TAXII support? (Choose two.)

  • A. exchange
  • B. pull messaging
  • C. binding
  • D. correlation
  • E. mitigating

Answer: BC

NEW QUESTION 12
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the ASA be added on the Cisco UC Manager platform?

  • A. Certificate Trust List
  • B. Endpoint Trust List
  • C. Enterprise Proxy Service
  • D. Secured Collaboration Proxy

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/special/unified-communications/guide/unified-comm/unified-comm-tlsproxy.html

NEW QUESTION 13
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)

  • A. data exfiltration
  • B. command and control communication
  • C. intelligent proxy
  • D. snort
  • E. URL categorization

Answer: AB

Explanation:
Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cognitive-threat-analytics/at-a-glance-c45-736555.pdf

NEW QUESTION 14
What is the primary role of the Cisco Email Security Appliance?

  • A. Mail Submission Agent
  • B. Mail Transfer Agent
  • C. Mail Delivery Agent
  • D. Mail User Agent

Answer: B

NEW QUESTION 15
Which attack is commonly associated with C and C++ programming languages?

  • A. cross-site scripting
  • B. water holing
  • C. DDoS
  • D. buffer overflow

Answer: D

Explanation:
Reference: https://en.wikipedia.org/wiki/Buffer_overflow

NEW QUESTION 16
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

  • A. PaaS
  • B. XaaS
  • C. IaaS
  • D. SaaS

Answer: A

NEW QUESTION 17
On which part of the IT environment does DevSecOps focus?

  • A. application development
  • B. wireless network
  • C. data center
  • D. perimeter network

Answer: A

NEW QUESTION 18
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?

  • A. IP Blacklist Center
  • B. File Reputation Center
  • C. AMP Reputation Center
  • D. IP and Domain Reputation Center

Answer: D

NEW QUESTION 19
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.)

  • A. DDoS
  • B. antispam
  • C. antivirus
  • D. encryption
  • E. DLP

Answer: DE

Explanation:
Reference: https://www.cisco.com/c/dam/en/us/td/docs/security/ces/overview_guide/Cisco_Cloud_Hybrid_Email_Security_Overview_Guide.pdf

NEW QUESTION 20
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  • A. multiple context mode
  • B. user deployment of Layer 3 networks
  • C. IPv6
  • D. clustering

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96-qsg/asav-aws.html

NEW QUESTION 21
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?

  • A. It tracks flow-create, flow-teardown, and flow-denied events.
  • B. It provides stateless IP flow tracking that exports all records of a specific flow.
  • C. It tracks the flow continuously and provides updates every 10 seconds.
  • D. Its events match all traffic classes in parallel.

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-general-cli/monitor-nsel.html

NEW QUESTION 22
What provides visibility and awareness into what is currently occurring on the network?

  • A. CMX
  • B. WMI
  • C. Prime Infrastructure
  • D. Telemetry

Answer: C

NEW QUESTION 23
......

P.S. Easily pass 350-701 Exam with 102 Q&As DumpSolutions.com Dumps & pdf Version, Welcome to Download the Newest DumpSolutions.com 350-701 Dumps: https://www.dumpsolutions.com/350-701-dumps/ (102 New Questions)