Cisco 350-701 Practice Test - Questions Answers, Page 35
Question list
List of questions
Related questions
Refer to the exhibit.
How does Cisco Umbrella manage traffic that is directed toward risky domains?
Traffic is proximed through the intelligent proxy.
Traffic is managed by the security settings and blocked.
Traffic is managed by the application settings, unhandled and allowed.
Traffic is allowed but logged.
An engineer needs to add protection for data in transit and have headers in the email message Which configuration is needed to accomplish this goal?
Provision the email appliance
Deploy an encryption appliance.
Map sender !P addresses to a host interface.
Enable flagged message handling
How does a cloud access security broker function?
It is an authentication broker to enable single sign-on and multi-factor authentication for a cloud solution
lt integrates with other cloud solutions via APIs and monitors and creates incidents based on events from the cloud solution
It acts as a security information and event management solution and receives syslog from other cloud solutions.
It scans other cloud solutions being used within the network and identifies vulnerabilities
An engineer integrates Cisco FMC and Cisco ISE using pxGrid Which role is assigned for Cisco FMC?
client
server
controller
publisher
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address Error! Hyperlink reference not valid.
IP>/capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?
Disable the proxy setting on the browser
Disable the HTTPS server and use HTTP instead
Use the Cisco FTD IP address as the proxy server setting on the browser
Enable the HTTPS server for the device platform policy
What is a description of microsegmentation?
Environments apply a zero-trust model and specify how applications on different servers or containers can communicate
Environments deploy a container orchestration platform, such as Kubernetes, to manage the application delivery
Environments implement private VLAN segmentation to group servers with similar applications.
Environments deploy centrally managed host-based firewall rules on each server or container
What must be enabled to secure SaaS-based applications?
modular policy framework
two-factor authentication
application security gateway
end-to-end encryption
What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.) The eDirectory client must be installed on each client workstation.
Create NTLM or Kerberos authentication realm and enable transparent user identification
Deploy a separate Active Directory agent such as Cisco Context Directory Agent.
Create an LDAP authentication realm and disable transparent user identification.
Deploy a separate eDirectory server: the client IP address is recorded in this server
Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim's web browser executes the code?
buffer overflow
browser WGET
SQL injection
cross-site scripting
An administrator enables Cisco Threat Intelligence Director on a Cisco FMC. Which process uses STIX and allows uploads and downloads of block lists?
consumption
sharing
editing
authoring
Question