ExamGecko
Search Search Login
Home Home / Cisco / 350-701

Cisco 350-701 Practice Test - Questions Answers, Page 41

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which ASA deployment mode can provide separation of management on a shared appliance?
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used?
What is a characteristic of Firepower NGIPS inline deployment mode?

Question 401

Report
Export
Collapse

What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.)

A.

Create an LDAP authentication realm and disable transparent user identification.

A.

Create an LDAP authentication realm and disable transparent user identification.

Answers
B.

Create NTLM or Kerberos authentication realm and enable transparent user identification.

B.

Create NTLM or Kerberos authentication realm and enable transparent user identification.

Answers
C.

Deploy a separate Active Directory agent such as Cisco Context Directory Agent.

C.

Deploy a separate Active Directory agent such as Cisco Context Directory Agent.

Answers
D.

The eDirectory client must be installed on each client workstation.

D.

The eDirectory client must be installed on each client workstation.

Answers
E.

Deploy a separate eDirectory server; the dent IP address is recorded in this server.

E.

Deploy a separate eDirectory server; the dent IP address is recorded in this server.

Answers
Suggested answer: A, C

Question 402

Report
Export
Collapse

Which baseline form of telemetry is recommended for network infrastructure devices?

A.

SDNS

A.

SDNS

Answers
B.

NetFlow

B.

NetFlow

Answers
C.

passive taps

C.

passive taps

Answers
D.

SNMP

D.

SNMP

Answers
Suggested answer: B

Question 403

Report
Export
Collapse

In which scenario is endpoint-based security the solution?

A.

inspecting encrypted traffic

A.

inspecting encrypted traffic

Answers
B.

device profiling and authorization

B.

device profiling and authorization

Answers
C.

performing signature-based application control

C.

performing signature-based application control

Answers
D.

inspecting a password-protected archive

D.

inspecting a password-protected archive

Answers
Suggested answer: C

Question 404

Report
Export
Collapse

Refer to the exhibit.

Refer to the exhibit. What is the result of the Python script?

A.

It uses the POST HTTP method to obtain a username and password to be used for authentication.

A.

It uses the POST HTTP method to obtain a username and password to be used for authentication.

Answers
B.

It uses the POST HTTP method to obtain a token to be used for authentication.

B.

It uses the POST HTTP method to obtain a token to be used for authentication.

Answers
C.

It uses the GET HTTP method to obtain a token to be used for authentication.

C.

It uses the GET HTTP method to obtain a token to be used for authentication.

Answers
D.

It uses the GET HTTP method to obtain a username and password to be used for authentication

D.

It uses the GET HTTP method to obtain a username and password to be used for authentication

Answers
Suggested answer: B

Question 405

Report
Export
Collapse

Why is it important to patch endpoints consistently?

A.

Patching reduces the attack surface of the infrastructure.

A.

Patching reduces the attack surface of the infrastructure.

Answers
B.

Patching helps to mitigate vulnerabilities.

B.

Patching helps to mitigate vulnerabilities.

Answers
C.

Patching is required per the vendor contract.

C.

Patching is required per the vendor contract.

Answers
D.

Patching allows for creating a honeypot.

D.

Patching allows for creating a honeypot.

Answers
Suggested answer: B

Question 406

Report
Export
Collapse

Which two parameters are used for device compliance checks? (Choose two.)

A.

endpoint protection software version

A.

endpoint protection software version

Answers
B.

Windows registry values

B.

Windows registry values

Answers
C.

DHCP snooping checks

C.

DHCP snooping checks

Answers
D.

DNS integrity checks

D.

DNS integrity checks

Answers
E.

device operating system version

E.

device operating system version

Answers
Suggested answer: C, E

Question 407

Report
Export
Collapse

Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS?

A.

Cisco Defense Orchestrator

A.

Cisco Defense Orchestrator

Answers
B.

Cisco Configuration Professional

B.

Cisco Configuration Professional

Answers
C.

Cisco Secureworks

C.

Cisco Secureworks

Answers
D.

Cisco DNAC

D.

Cisco DNAC

Answers
Suggested answer: A

Question 408

Report
Export
Collapse

Which Cisco security solution determines if an endpoint has the latest OS updates and patches installed on the system?

A.

Cisco Endpoint Security Analytics

A.

Cisco Endpoint Security Analytics

Answers
B.

Cisco AMP for Endpoints

B.

Cisco AMP for Endpoints

Answers
C.

Endpoint Compliance Scanner

C.

Endpoint Compliance Scanner

Answers
D.

Security Posture Assessment Service

D.

Security Posture Assessment Service

Answers
Suggested answer: A

Question 409

Report
Export
Collapse

A network administrator is configuring a role in an access control policy to block certain URLs and selects the "Chat and instant Messaging" category. which reputation score should be selected to accomplish this goal?

A.

3

A.

3

Answers
B.

5

B.

5

Answers
C.

10

C.

10

Answers
D.

1

D.

1

Answers
Suggested answer: C

Question 410

Report
Export
Collapse

Refer to the exhibit.

The DHCP snooping database resides on router R1, and dynamic ARP inspection is configured only on switch SW2. Which ports must be configured as untrusted so that dynamic ARP inspection operates normally?

A.

P2 and P3 only

A.

P2 and P3 only

Answers
B.

P5, P6, and P7 only

B.

P5, P6, and P7 only

Answers
C.

P1, P2, P3, and P4 only

C.

P1, P2, P3, and P4 only

Answers
D.

P2, P3, and P6 only

D.

P2, P3, and P6 only

Answers
Suggested answer: D
Total 631 questions
Go to page: of 64
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms