Cisco 350-701 Practice Test - Questions Answers, Page 42
Question list
List of questions
Related questions
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
service password-encryption
username <username> privilege 15 password <password>
service password-recovery
username < username> password <password>
Which security solution protects users leveraging DNS-layer security?
Cisco ISE
Cisco FTD
Cisco Umbrella
Cisco ASA
Which CoA response code is sent if an authorization state is changed successfully on a Cisco IOS device?
CoA-NCL
CoA-NAK
???-???
CoA-ACK
Which security solution uses NetFlow to provide visibility across the network, data center, branch offices, and cloud?
Cisco CTA
Cisco Stealthwatch
Cisco Encrypted Traffic Analytics
Cisco Umbrella
How does a WCCP-configured router identify if the Cisco WSA is functional?
If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the router.
If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the WSA.
The WSA sends a Here-l-Am message every 10 seconds, and the router acknowledges with an ISee-You message.
The router sends a Here-l-Am message every 10 seconds, and the WSA acknowledges with an ISee-You message.
Which solution supports high availability in routed or transparent mode as well as in northbound and southbound deployments?
Cisco FTD with Cisco ASDM
Cisco FTD with Cisco FMC
Cisco Firepower NGFW physical appliance with Cisco. FMC
Cisco Firepower NGFW Virtual appliance with Cisco FMC
Which Cisco ASA Platform mode disables the threat detection features except for Advanced Threat Statistics?
cluster
transparent
routed
multiple context
Which benefit does DMVPN provide over GETVPN?
DMVPN supports QoS, multicast, and routing, and GETVPN supports only QoS.
DMVPN is a tunnel-less VPN, and GETVPN is tunnel-based.
DMVPN supports non-IP protocols, and GETVPN supports only IP protocols.
DMVPN can be used over the public Internet, and GETVPN requires a private network.
An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. What must be done to ensure the LAN switches prevent malicious DHCP traffic while also distributing IP addresses to the correct endpoints?
Configure Dynamic ARP inspection and add entries in the DHCP snooping database.
Configure DHCP snooping and set trusted interfaces for all client connections.
Configure Dynamic ARP inspection and antispoofing ACLs in the DHCP snooping database.
Configure DHCP snooping and set a trusted interface for the DHCP server
Which two parameters are used to prevent a data breach in the cloud? (Choose two.)
DLP solutions
strong user authentication
encryption
complex cloud-based web proxies
antispoofing programs
Question