Cisco 350-701 Practice Test - Questions Answers, Page 56
Question list
Related questions
DRAG DROP
Drag and drop the deployment models from the left onto the explanations on the right.
Which ESA implementation method segregates inbound and outbound email?
one listener on a single physical Interface
pair of logical listeners on a single physical interface with two unique logical IPv4 addresses and one IPv6 address
pair of logical IPv4 listeners and a pair Of IPv6 listeners on two physically separate interfaces
one listener on one logical IPv4 address on a single logical interface
During a recent security audit a Cisco IOS router with a working IPSEC configuration using IKEv1 was flagged for using a wildcard mask with the crypto isakmp key command The VPN peer is a SOHO router with a dynamically assigned IP address Dynamic DNS has been configured on the SOHO router to map the dynamic IP address to the host name of vpn sohoroutercompany.com In addition to the command crypto isakmp key Cisc425007536 hostname vpn.sohoroutercompany.com what other two commands are now required on the Cisco IOS router for the VPN to continue to function after the wildcard command is removed? (Choose two)
ip host vpn.sohoroutercompany.eom <VPN Peer IP Address>
crypto isakmp identity hostname
Add the dynamic keyword to the existing crypto map command
fqdn vpn.sohoroutercompany.com <VPN Peer IP Address>
ip name-server <DNS Server IP Address>
Which command is used to log all events to a destination colector 209.165.201.107?
CiscoASA(config-pmap-c)#flow-export event-type flow-update destination 209.165.201.10
CiscoASA(config-cmap)# flow-export event-type all destination 209.165.201.
CiscoASA(config-pmap-c)#flow-export event-type all destination 209.165.201.10
CiscoASA(config-cmap)#flow-export event-type flow-update destination 209.165.201.10
What is the most commonly used protocol for network telemetry?
SMTP
SNMP
TFTP
NctFlow
What are two functions of IKEv1 but not IKEv2? (Choose two)
NAT-T is supported in IKEv1 but rot in IKEv2.
With IKEv1, when using aggressive mode, the initiator and responder identities are passed cleartext
With IKEv1, mode negotiates faster than main mode
IKEv1 uses EAP authentication
IKEv1 conversations are initiated by the IKE_SA_INIT message
Which threat intelligence standard contains malware hashes?
structured threat information expression
advanced persistent threat
trusted automated exchange or indicator information
open command and control
A company identified a phishing vulnerability during a pentest What are two ways the company can protect employees from the attack? (Choose two.)
using Cisco Umbrella
using Cisco ESA
using Cisco FTD
using an inline IPS/IDS in the network
using Cisco ISE
Which Cisco ISE feature helps to detect missing patches and helps with remediation?
posture assessment
profiling policy
authentication policy
enabling probes
Refer to the exhibit.
What is the result of using this authentication protocol in the configuration?
The authentication request contains only a username.
The authentication request contains only a password.
There are separate authentication and authorization request packets.
The authentication and authorization requests are grouped in a single packet.
Question