Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

user input validation in a web page or web application

Linux and Windows operating systems

Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)

Check integer, float, or Boolean string parameters to ensure accurate values.

Use prepared statements and parameterized queries.

Check integer, float, or Boolean string parameters to ensure accurate values.

Use prepared statements and parameterized queries.

Secure the connection between the web and the app tier.

Write SQL code instead of using object-relational mapping libraries.

Block SQL code execution in the web application database login.

Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two)

Install a spam and virus email filter.

Protect systems with an up-to-date antimalware program

Patch for cross-site scripting.

Perform backups to the private cloud.

Protect against input validation and character escapes in the endpoint.

Install a spam and virus email filter.

Protect systems with an up-to-date antimalware program

Which two mechanisms are used to control phishing attacks? (Choose two)

Enable browser alerts for fraudulent websites.

Implement email filtering techniques.

Enable browser alerts for fraudulent websites.

Define security group memberships.

Revoke expired CRL of the websites.

Implement email filtering techniques.

Which two behavioral patterns characterize a ping of death attack? (Choose two)

The attack is fragmented into groups of 8 octets before transmission.

Malformed packets are used to crash systems.

The attack is fragmented into groups of 16 octets before transmission.

The attack is fragmented into groups of 8 octets before transmission.

Short synchronized bursts of traffic are used to disrupt TCP connections.

Malformed packets are used to crash systems.

Publicly accessible DNS servers are typically used to execute the attack.

Which two preventive measures are used to control cross-site scripting? (Choose two)

Enable client-side scripts on a per-domain basis.

Incorporate contextual output encoding/escaping.

Enable client-side scripts on a per-domain basis.

Incorporate contextual output encoding/escaping.

Disable cookie inspection in the HTML inspection engine.

Run untrusted HTML input through an HTML sanitization engine.

Same Site cookie attribute should not be used.

What is the difference between deceptive phishing and spear phishing?

A spear phishing campaign is aimed at a specific person versus a group of people.

Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.

A spear phishing campaign is aimed at a specific person versus a group of people.

Spear phishing is when the attack is aimed at the C-level executives of an organization.

Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.

Which two key and block sizes are valid for AES? (Choose two)

128-bit block size, 192-bit key length

128-bit block size, 256-bit key length

64-bit block size, 112-bit key length

64-bit block size, 168-bit key length

128-bit block size, 192-bit key length

128-bit block size, 256-bit key length

192-bit block size, 256-bit key length

Which two descriptions of AES encryption are true? (Choose two)

AES can use a 256-bit key for encryption.

AES can use a 168-bit key for encryption.

AES can use a 256-bit key for encryption.

AES encrypts and decrypts a key three times in sequence.

What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?

authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX

authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX

authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX

authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX

secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX

Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

The IPsec configuration that is set up on the active device must be duplicated on the standby device

The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device

Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically

The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.

The IPsec configuration that is set up on the active device must be duplicated on the standby device

Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.

The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device

A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not being established to hostB. What action is needed to authenticate the VPN?

Enter the same command on hostB.

Change isakmp to ikev2 in the command on hostA.

Enter the command with a different password on hostB.

Enter the same command on hostB.

Change the password on hostA to the default password.

Refer to the exhibit. A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output?

interesting traffic was not applied

What is a difference between FlexVPN and DMVPN?

FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2

DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1

DMVPN uses only IKEv1 FlexVPN uses only IKEv2

FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2

FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2

What is a commonality between DMVPN and FlexVPN technologies?

IOS routers run the same NHRP code for DMVPN and FlexVPN

FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes

FlexVPN and DMVPN use the new key management protocol

FlexVPN and DMVPN use the same hashing algorithms

IOS routers run the same NHRP code for DMVPN and FlexVPN

The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?

SDN controller and the management solution

management console and the SDN controller

management console and the cloud

SDN controller and the management solution

Which functions of an SDN architecture require southbound APIs to enable communication?

SDN controller and the network elements

management console and the SDN controller

management console and the cloud

Refer to the exhibit. What is the result of this Python script of the Cisco DNA Center API?

adds a switch to Cisco DNA Center

adds authentication to a switch

adds a switch to Cisco DNA Center

receives information about a switch

Refer to the exhibit. What does the API do when connected to a Cisco security appliance?

gather the network interface information about the computers AMP sees

get the process and PID information from the computers in the network

create an SNMP pull mechanism for managing AMP

gather network telemetry information from AMP for endpoints

gather the network interface information about the computers AMP sees

Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)

Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS

Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises

Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS

Cisco FTDv with one management interface and two traffic interfaces configured

Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises

Cisco FTDv with two management interfaces and one traffic interface configured

Cisco FTDv configured in routed mode and IPv6 configured

Which option is the main function of Cisco Firepower impact flags?

They correlate data about intrusions and vulnerability.

They alert administrators when critical events occur.

They highlight known and suspected malicious IP addresses in reports.

They correlate data about intrusions and vulnerability.

They identify data that the ASA sends to the Firepower module.

Cisco 350-701 Practice Test 1 - Free Online Exam Prep & Questions

Question 1 / 40

In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?

Smurf

distributed denial of service

cross-site scripting

rootkit exploit

Comment (0)

Cisco 350-701 Practice Test 1

Question

Cisco 350-701 Practice Tests

Practice Tests