Cisco 350-701 Practice Test - Questions Answers, Page 25
Question 241

An organization recently installed a Cisco WSA and would like to take advantage of the AVC engine to allow the organization to create a policy to control application-specific activity. After enabling the AVC engine, what must be done to implement this?
Use security services to configure the traffic monitor.
Use URL categorization to prevent the application traffic.
Use an access policy group to configure application control settings.
Use web security reporting to validate engine functionality.
The Application Visibility and Control (AVC) engine lets you create policies to control application activity on the network without having to fully understand the underlying technology of each application. You can configure application control settings in Access Policy groups. You can block or allow applications individually or according to application type. You can also apply controls to particular application types.
Question 242

Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to network resources?
BYOD onboarding
Simple Certificate Enrollment Protocol
Client provisioning
MAC authentication bypass
When supporting personal devices on a corporate network, you must protect network services and enterprise data by authenticating and authorizing users (employees, contractors, and guests) and their devices.
Cisco ISE provides the tools you need to allow employees to securely use personal devices on a corporate network.
Guests can add their personal devices to the network by running the native supplicant provisioning (Network Setup Assistant), or by adding their devices to the My Devices portal.
Because native supplicant profiles are not available for all devices, users can use the My Devices portal to add these devices manually; or you can configure Bring Your Own Device (BYOD) rules to register these devices.
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/m_ise_devices_byod.html
Question 243

Refer to the exhibit.
What will happen when this Python script is run?
The compromised computers and malware trajectories will be received from Cisco AMP
The list of computers and their current vulnerabilities will be received from Cisco AMP
The compromised computers and what compromised them will be received from Cisco AMP
The list of computers, policies, and connector statuses will be received from Cisco AMP
The call to the API at "https://api.amp.cisco.com/v1/computers" fetches the list of computers across your organization that Advanced Malware Protection (AMP) sees.
Reference: https://api-docs.amp.cisco.com/api_actions/details?api_action=GET+%2Fv1%2Fcomputers&api_host=api.apjc.amp.cisco.com&api_resource=Computer&api_version=v1
Question 244

An organization is trying to implement micro-segmentation on the network and wants to be able to gain visibility on the applications within the network. The solution must be able to maintain and force compliance. Which product should be used to meet these requirements?
Cisco Umbrella
Cisco AMP
Cisco Stealthwatch
Cisco Tetration
Micro-segmentation secures applications by expressly allowing particular application traffic and, by default, denying all other traffic. Micro-segmentation is the foundation for implementing a zero-trust security model for application workloads in the data center and cloud.
Cisco Tetration is an application workload security platform designed to secure your compute instances across any infrastructure and any cloud. To achieve this, it uses behavior and attribute-driven microsegmentation policy generation and enforcement. It enables trusted access through automated, exhaustive context from various systems to automatically adapt security policies.
To generate accurate microsegmentation policy, Cisco Tetration performs application dependency mapping to discover the relationships between different application tiers and infrastructure services. In addition, the platform supports "what-if" policy analysis using real-time data or historical data to assist in the validation and risk assessment of policy application pre-enforcement to ensure ongoing application availability. The normalized microsegmentation policy can be enforced through the application workload itself for a consistent approach to workload microsegmentation across any environment, including virtualized, bare-metal, and container workloads running in any public cloud or any data center.
Once the microsegmentation policy is enforced, Cisco Tetration continues to monitor for compliance deviations, ensuring the segmentation policy is up to date as the application behavior changes.
Reference: https://www.cisco.com/c/en/us/products/collateral/data-center-analytics/tetrationanalytics/solutionoverview-c22-739268.pdf
Question 245

Which factor must be considered when choosing the on-premise solution over the cloud-based one?
With an on-premise solution, the provider is responsible for the installation and maintenance of the product, whereas with a cloud-based solution, the customer is responsible for it.
With a cloud-based solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.
With an on-premise solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.
With an on-premise solution, the customer is responsible for the installation and maintenance of the product, whereas with a cloud-based solution, the provider is responsible for it.
Question 246

Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
consumption
sharing
analysis
authoring
… we will showcase Cisco Threat Intelligence Director (CTID) an exciting feature on Cisco's Firepower Management Center (FMC) product offering that automates the operationalization of threat intelligence. TID has the ability to consume threat intelligence via STIX over TAXII and allows uploads/downloads of STIX and simple blacklists.
Reference: https://blogs.cisco.com/developer/automate-threat-intelligence-using-cisco-threatintelligencedirector
Question 247

An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network. What action will resolve this issue?
Configure security appliances to send syslogs to Cisco Stealthwatch Cloud
Configure security appliances to send NetFlow to Cisco Stealthwatch Cloud
Deploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud
Deploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud
You can also monitor on-premises networks in your organizations using Cisco Stealthwatch Cloud. In order to do so, you need to deploy at least one Cisco Stealthwatch Cloud Sensor appliance (virtual or physical appliance).
Reference: CCNP And CCIE Security Core SCOR 350-701 Official Cert Guide
Question 248

What does Cisco AMP for Endpoints use to help an organization detect different families of malware?
Ethos Engine to perform fuzzy fingerprinting
Tetra Engine to detect malware when the endpoint is connected to the cloud
Clam AV Engine to perform email scanning
Spero Engine with machine learning to perform dynamic analysis
ETHOS is the Cisco file grouping engine. It allows us to group families of files together so if we see variants of a malware, we mark the ETHOS hash as malicious and whole families of malware are instantly detected.
Reference: https://docs.amp.cisco.com/AMP%20for%20Endpoints%20User%20Guide.pdf
ETHOS = Fuzzy Fingerprinting using static/passive heuristics
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/BRKSEC-2139.pdf
Question 249

What are two characteristics of Cisco DNA Center APIs? (Choose two)
Postman is required to utilize Cisco DNA Center API calls.
They do not support Python scripts.
They are Cisco proprietary.
They quickly provision new devices.
They view the overall health of the network.
Question 250

What is a benefit of conducting device compliance checks?
It indicates what type of operating system is connecting to the network.
It validates if anti-virus software is installed.
It scans endpoints to determine if malicious activity is taking place.
It detects email phishing attacks.