Cisco 350-701 Practice Test - Questions Answers, Page 58
Question list
List of questions
Related questions
For a given policy in Cisco Umbrella, how should a customer block website based on a custom list?
by specifying blocked domains in me policy settings
by specifying the websites in a custom blocked category
by adding the websites to a blocked type destination list
by adding the website IP addresses to the Cisco Umbrella blocklist
An engineer must set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?
sticky
static
aging
maximum
Which Cisco Firewall solution requires zone definition?
CBAC
Cisco AMP
ZBFW
Cisco ASA
A company recently discovered an attack propagating throughout their Windows network via a file named abc428565580xyz exe The malicious file was uploaded to a Simple Custom Detection list in the AMP for Endpoints Portal and the currently applied policy for the Windows clients was updated to reference the detection list Verification testing scans on known infected systems shows that AMP for Endpoints is not detecting the presence of this file as an indicator of compromise What must be performed to ensure detection of the malicious file?
Upload the malicious file to the Blocked Application Control List
Use an Advanced Custom Detection List instead of a Simple Custom Detection List
Check the box in the policy configuration to send the file to Cisco Threat Grid for dynamic analysis
Upload the SHA-256 hash for the file to the Simple Custom Detection List
Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two)
posture assessment
aaa authorization exec default local
tacacs-server host 10.1.1.250 key password
aaa server radius dynamic-author
CoA
An engineer is configuring Cisco WSA and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal?
MDA on the router
PBR on Cisco WSA
WCCP on switch
DNS resolution on Cisco WSA
Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?
AAA attributes
CoA request
AV pair
carrier-grade NAT
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices The default management port conflicts with other communications on the network and must be changed. What must be done to ensure that all devices can communicate together?
Set the sftunnel to go through the Cisco FTD
Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices
Set the sftunnel port to 8305.
Manually change the management port on Cisco FMC and all managed Cisco FTD devices
What is the concept of Cl/CD pipelining?
The project is split into several phases where one phase cannot start before the previous phase finishes successfully.
The project code is centrally maintained and each code change should trigger an automated build and test sequence
The project is split into time-limited cycles and focuses on pair programming for continuous code review
Each project phase is independent from other phases to maintain adaptiveness and continual improvement
Why should organizations migrate to a multifactor authentication strategy?
Multifactor authentication methods of authentication are never compromised
Biometrics authentication leads to the need for multifactor authentication due to its ability to be hacked easily
Multifactor authentication does not require any piece of evidence for an authentication mechanism
Single methods of authentication can be compromised more easily than multifactor authentication
Question