ExamGecko
Search Search Login
Home Home / Cisco / 350-701

Cisco 350-701 Practice Test - Questions Answers, Page 26

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which ASA deployment mode can provide separation of management on a shared appliance?
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used?
What is a characteristic of Firepower NGIPS inline deployment mode?

Question 251

Report
Export
Collapse

In which two ways does Easy Connect help control network access when used with Cisco TrustSec?

(Choose two)

A.

It allows multiple security products to share information and work together to enhance security posture in the network.

A.

It allows multiple security products to share information and work together to enhance security posture in the network.

Answers
B.

It creates a dashboard in Cisco ISE that provides full visibility of all connected endpoints.

B.

It creates a dashboard in Cisco ISE that provides full visibility of all connected endpoints.

Answers
C.

It allows for the assignment of Security Group Tags and does not require 802.1x to be configured on the switch or the endpoint.

C.

It allows for the assignment of Security Group Tags and does not require 802.1x to be configured on the switch or the endpoint.

Answers
D.

It integrates with third-party products to provide better visibility throughout the network.

D.

It integrates with third-party products to provide better visibility throughout the network.

Answers
E.

It allows for managed endpoints that authenticate to AD to be mapped to Security Groups

(PassiveID).

E.

It allows for managed endpoints that authenticate to AD to be mapped to Security Groups

(PassiveID).

Answers
Suggested answer: C, E

Explanation:

Easy Connect simplifies network access control and segmentation by allowing the assignment of Security Group Tags to endpoints without requiring 802.1X on those endpoints, whether using wired or wireless connectivity.

Reference: https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprisenetworks/trustsec/trustsec-witheasy-connect-configuration-guide.pdf

Question 252

Report
Export
Collapse

What is the benefit of installing Cisco AMP for Endpoints on a network?

A.

It provides operating system patches on the endpoints for security.

A.

It provides operating system patches on the endpoints for security.

Answers
B.

It provides flow-based visibility for the endpoints network connections.

B.

It provides flow-based visibility for the endpoints network connections.

Answers
C.

It enables behavioral analysis to be used for the endpoints.

C.

It enables behavioral analysis to be used for the endpoints.

Answers
D.

It protects endpoint systems through application control and real-time scanning

D.

It protects endpoint systems through application control and real-time scanning

Answers
Suggested answer: D

Question 253

Report
Export
Collapse

An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

A.

Set a trusted interface for the DHCP server

A.

Set a trusted interface for the DHCP server

Answers
B.

Set the DHCP snooping bit to 1

B.

Set the DHCP snooping bit to 1

Answers
C.

Add entries in the DHCP snooping database

C.

Add entries in the DHCP snooping database

Answers
D.

Enable ARP inspection for the required VLAN

D.

Enable ARP inspection for the required VLAN

Answers
Suggested answer: A

Explanation:

To understand DHCP snooping we need to learn about DHCP spoofing attack first.

DHCP spoofing is a type of attack in that the attacker listens for DHCP Requests from clients and answers them with fake DHCP Response before the authorized DHCP Response comes to the clients.

The fake DHCP Response often gives its IP address as the client default gateway -> all the traffic sent from the client will go through the attacker computer, the attacker becomes a "man-in-the-middle".

The attacker can have some ways to make sure its fake DHCP Response arrives first. In fact, if the attacker is "closer" than the DHCP Server then he doesn't need to do anything. Or he can DoS the DHCP Server so that it can't send the DHCP Response.

DHCP snooping can prevent DHCP spoofing attacks. DHCP snooping is a Cisco Catalyst feature that determines which switch ports can respond to DHCP requests. Ports are identified as trusted and untrusted.

Only ports that connect to an authorized DHCP server are trusted, and allowed to send all types of DHCP messages. All other ports on the switch are untrusted and can send only DHCP requests. If a DHCP response is seen on an untrusted port, the port is shut down.

Question 254

Report
Export
Collapse

Refer to the exhibit.

What will happen when the Python script is executed?

A.

The hostname will be translated to an IP address and printed.

A.

The hostname will be translated to an IP address and printed.

Answers
B.

The hostname will be printed for the client in the client ID field.

B.

The hostname will be printed for the client in the client ID field.

Answers
C.

The script will pull all computer hostnames and print them.

C.

The script will pull all computer hostnames and print them.

Answers
D.

The script will translate the IP address to FODN and print it

D.

The script will translate the IP address to FODN and print it

Answers
Suggested answer: C

Question 255

Report
Export
Collapse

Refer to the exhibit.

When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism in conjunction with AAA authentication using machine certificates. Which configuration item must be modified to allow this?

A.

Group Policy

A.

Group Policy

Answers
B.

Method

B.

Method

Answers
C.

SAML Server

C.

SAML Server

Answers
D.

DHCP Servers

D.

DHCP Servers

Answers
Suggested answer: B

Explanation:

In order to use AAA along with an external token authentication mechanism, set the "Method" as "Both" in the Authentication.

Question 256

Report
Export
Collapse

An engineer has been tasked with implementing a solution that can be leveraged for securing the cloud users, data, and applications. There is a requirement to use the Cisco cloud native CASB and cloud cybersecurity platform. What should be used to meet these requirements?

A.

Cisco Umbrella

A.

Cisco Umbrella

Answers
B.

Cisco Cloud Email Security

B.

Cisco Cloud Email Security

Answers
C.

Cisco NGFW

C.

Cisco NGFW

Answers
D.

Cisco Cloudlock

D.

Cisco Cloudlock

Answers
Suggested answer: D

Explanation:

Cisco Cloudlock: Secure your cloud users, data, and applications with the cloud-native Cloud Access Security Broker (CASB) and cloud cybersecurity platform.

Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cloud-websecurity/at-a-glance-c45- 738565.pdf

Question 257

Report
Export
Collapse

An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API. Which solution should be used to accomplish this goal?

A.

SIEM

A.

SIEM

Answers
B.

CASB

B.

CASB

Answers
C.

Adaptive MFA

C.

Adaptive MFA

Answers
D.

Cisco Cloudlock

D.

Cisco Cloudlock

Answers
Suggested answer: D

Explanation:

+ Cisco Cloudlock continuously monitors cloud environments with a cloud Data Loss Prevention (DLP) engine to identify sensitive information stored in cloud environments in violation of policy.

+ Cloudlock is API-based.

+ Incidents are a key resource in the Cisco Cloudlock application. They are triggered by the Cloudlock policy engine when a policy detection criteria result in a match in an object (document, field, folder, post, or file).

Reference: https://docs.umbrella.com/cloudlock-documentation/docs/endpointsNote:

+ Security information and event management (SIEM) platforms collect log and event data from security systems, networks and computers, and turn it into actionable security insights.

+ An incident is a record of the triggering of an alerting policy. Cloud Monitoring opens an incident when a condition of an alerting policy has been met.

Question 258

Report
Export
Collapse

Why is it important to implement MFA inside of an organization?

A.

To prevent man-the-middle attacks from being successful.

A.

To prevent man-the-middle attacks from being successful.

Answers
B.

To prevent DoS attacks from being successful.

B.

To prevent DoS attacks from being successful.

Answers
C.

To prevent brute force attacks from being successful.

C.

To prevent brute force attacks from being successful.

Answers
D.

To prevent phishing attacks from being successful.

D.

To prevent phishing attacks from being successful.

Answers
Suggested answer: C

Question 259

Report
Export
Collapse

A network administrator is configuring SNMPv3 on a new router. The users have already been created; however, an additional configuration is needed to facilitate access to the SNMP views. What must the administrator do to accomplish this?

A.

map SNMPv3 users to SNMP views

A.

map SNMPv3 users to SNMP views

Answers
B.

set the password to be used for SNMPv3 authentication

B.

set the password to be used for SNMPv3 authentication

Answers
C.

define the encryption algorithm to be used by SNMPv3

C.

define the encryption algorithm to be used by SNMPv3

Answers
D.

specify the UDP port used by SNMP

D.

specify the UDP port used by SNMP

Answers
Suggested answer: B

Question 260

Report
Export
Collapse

An organization is using Cisco Firepower and Cisco Meraki MX for network security and needs to centrally manage cloud policies across these platforms. Which software should be used to accomplish this goal?

A.

Cisco Defense Orchestrator

A.

Cisco Defense Orchestrator

Answers
B.

Cisco Secureworks

B.

Cisco Secureworks

Answers
C.

Cisco DNA Center

C.

Cisco DNA Center

Answers
D.

Cisco Configuration Professional

D.

Cisco Configuration Professional

Answers
Suggested answer: A

Explanation:

Cisco Defense Orchestrator is a cloud-based management solution that allows you to manage security policies and device configurations with ease across multiple Cisco and cloud-native security platforms.

Cisco Defense Orchestrator features:

….

Management of hybrid environments: Managing a mix of firewalls running the ASA, FTD, and Meraki MX software is now easy, with the ability to share policy elements across platforms.

Reference: https://www.cisco.com/c/en/us/products/collateral/security/defenseorchestrator/datasheet-c78-736847.html

Total 631 questions
Go to page: of 64
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms