What is an attribute of the DevSecOps process?

mandated security controls and check lists

security scanning and theoretical vulnerabilities

An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

Bridge Protocol Data Unit guard

Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?

because human error or insider threats will still exist

to prevent theft of the endpoints

because defense-in-depth stops at the network

to expose the endpoint to more threats

because human error or insider threats will still exist

When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN configuration as opposed to DMVPN?

Traffic is distributed statically by default.

Multiple routers or VRFs are required.

Traffic is distributed statically by default.

Floating static routes are required.

What are two functions of secret key cryptography? (Choose two)

utilization of different keys for encryption and decryption

provides the capability to only know the key on one side

key selection without integer factorization

utilization of different keys for encryption and decryption

utilization of large prime number iterations

provides the capability to only know the key on one side

What is a difference between DMVPN and sVTI?

DMVPN supports dynamic tunnel establishment, whereas sVTI does not.

DMVPN supports tunnel encryption, whereas sVTI does not.

DMVPN supports dynamic tunnel establishment, whereas sVTI does not.

DMVPN supports static tunnel establishment, whereas sVTI does not.

DMVPN provides interoperability with other vendors, whereas sVTI does not.

What features does Cisco FTDv provide over ASAv?

Cisco FTDv supports URL filtering while ASAv does not

Cisco FTDv runs on VMWare while ASAv does not

Cisco FTDv provides 1GB of firewall throughput while Cisco ASAv does not

Cisco FTDv runs on AWS while ASAv does not

Cisco FTDv supports URL filtering while ASAv does not

In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

when there is a need to have more advanced detection capabilities

when there is a need for traditional anti-malware detection

when there is no need to have the solution centrally managed

when there is no firewall on the network

when there is a need to have more advanced detection capabilities

A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability. What is the connection status in both cases?

preserved with stateful failover and need to be reestablished with stateless failover

need to be reestablished with stateful failover and preserved with stateless failover

preserved with stateful failover and need to be reestablished with stateless failover

preserved with both stateful and stateless failover

need to be reestablished with both stateful and stateless failover

A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?

The policy was created to disable file analysis

The policy was created to send a message to quarantine instead of drop

The file has a reputation score that is above the threshold

The file has a reputation score that is below the threshold

The policy was created to disable file analysis

A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there are no viruses before quarantined emails are delivered. In addition, delivery of mail from known bad mail servers must be prevented. Which two actions must be taken in order to meet these requirements?(Choose two)

Use outbreak filters from SenderBase

Scan quarantined emails using AntiVirus signatures

Use outbreak filters from SenderBase

Enable a message tracking service

Configure a recipient access table

Deploy the Cisco ESA in the DMZ

Scan quarantined emails using AntiVirus signatures

A network engineer has been tasked with adding a new medical device to the network. Cisco ISE is being used as the NAC server, and the new device does not have a supplicant available. What must be done in order to securely connect this device to the network?

Use MAB with posture assessment.

Use 802.1X with posture assessment.

What is the role of an endpoint in protecting a user from a phishing attack?

Use machine learning models to help identify anomalies and determine expected sending behavior.

Use Cisco Stealthwatch and Cisco ISE Integration.

Utilize 802.1X network security to ensure unauthorized access to resources.

Use machine learning models to help identify anomalies and determine expected sending behavior.

Ensure that antivirus and anti malware software is up to date

An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web traffic. Which action will accomplish this task?

Configure the intelligent proxy.

Configure application block lists.

With which components does a southbound API within a software-defined network architecture communicate?

devices such as routers and switches

A network administrator needs to find out what assets currently exist on the network. Third-party systems need to be able to feed host data into Cisco Firepower. What must be configured to accomplish this?

a Network Discovery policy to receive data from the host

a Threat Intelligence policy to download the data from the host

a File Analysis policy to send file data into Cisco Firepower

a Network Analysis policy to receive NetFlow data from the host

When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for.What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?

The remote connection will only be allowed from 1.2.3.4

The key server that is managing the keys for the connection will be at 1.2.3.4

The remote connection will only be allowed from 1.2.3.4

The address that will be used as the crypto validation authority

All IP addresses other than 1.2.3.4 will be allowed

Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?

file access from a different user

Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps.Which two actions must be taken to ensure that interfaces are put back into service? (Choose two)

Enter the shutdown and no shutdown commands on the interfaces.

Ensure that interfaces are configured with the error-disable detection and recovery feature

Have Cisco Prime Infrastructure issue an SNMP set command to re-enable the ports after the pre configured interval.

Use EEM to have the ports return to service automatically in less than 300 seconds.

Enter the shutdown and no shutdown commands on the interfaces.

Enable the snmp-server enable traps command and wait 300 seconds

Ensure that interfaces are configured with the error-disable detection and recovery feature

What is the difference between Cross-site Scripting and SQL Injection, attacks?

Cross-site Scripting is an attack where code is injected into a database, whereas SQL Injection is an attack where code is injected into a browser.

Cross-site Scripting is a brute force attack targeting remote sites, whereas SQL Injection is a social engineering attack.

Cross-site Scripting is when executives in a corporation are attacked, whereas SQL Injection is when a database is manipulated.

Cross-site Scripting is an attack where code is executed from the server side, whereas SQL Injection is an attack where code is executed from the client side.

A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?

Adaptive Network Control Policy List

What is a prerequisite when integrating a Cisco ISE server and an AD domain?

Synchronize the clocks of the Cisco ISE server and the AD server

Place the Cisco ISE server and the AD server in the same subnet

Configure a common administrator account

Synchronize the clocks of the Cisco ISE server and the AD server

Cisco 350-701 Practice Test 6 - Free Online Exam Prep & Questions

Question 1 / 40

An organization is implementing URL blocking using Cisco Umbrell a. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?

Client computers do not have the Cisco Umbrella Root CA certificate installed.

IP-Layer Enforcement is not configured.

Client computers do not have an SSL certificate deployed from an internal CA server.

Intelligent proxy and SSL decryption is disabled in the policy

Comment (0)

Cisco 350-701 Practice Test 6

Question

Cisco 350-701 Practice Tests

Practice Tests