ExamGecko
Search Search Login
Home Home / Cisco / 350-701

Cisco 350-701 Practice Test - Questions Answers, Page 60

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
What is a characteristic of Dynamic ARP Inspection?
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

Question 591

Report
Export
Collapse

Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files?

A.

Configure an advanced custom detection list.

A.

Configure an advanced custom detection list.

Answers
B.

Configure an IP Block & Allow custom detection list

B.

Configure an IP Block & Allow custom detection list

Answers
C.

Configure an application custom detection list

C.

Configure an application custom detection list

Answers
D.

Configure a simple custom detection list

D.

Configure a simple custom detection list

Answers
Suggested answer: A

Question 592

Report
Export
Collapse

What is the target in a phishing attack?

A.

perimeter firewall

A.

perimeter firewall

Answers
B.

IPS

B.

IPS

Answers
C.

web server

C.

web server

Answers
D.

endpoint

D.

endpoint

Answers
Suggested answer: D

Question 593

Report
Export
Collapse

Which two protocols must be configured to authenticate end users to the Cisco WSA? (Choose two.)

A.

TACACS+

A.

TACACS+

Answers
B.

CHAP

B.

CHAP

Answers
C.

NTLMSSP

C.

NTLMSSP

Answers
D.

RADIUS

D.

RADIUS

Answers
E.

Kerberos

E.

Kerberos

Answers
Suggested answer: C, E

Question 594

Report
Export
Collapse

What is the purpose of the Cisco Endpoint IoC feature?

A.

It is an incident response tool.

A.

It is an incident response tool.

Answers
B.

It provides stealth threat prevention.

B.

It provides stealth threat prevention.

Answers
C.

It is a signature-based engine.

C.

It is a signature-based engine.

Answers
D.

It provides precompromise detection.

D.

It provides precompromise detection.

Answers
Suggested answer: A

Explanation:

The Endpoint Indication of Compromise (IOC) feature is a powerful incident response tool for scanning of post-compromise indicators across multiple computers.

Question 595

Report
Export
Collapse

An organization is using DNS services for their network and want to help improve the security of the DNS infrastructure. Which action accomplishes this task?

A.

Use DNSSEC between the endpoints and Cisco Umbrella DNS servers.

A.

Use DNSSEC between the endpoints and Cisco Umbrella DNS servers.

Answers
B.

Modify the Cisco Umbrella configuration to pass queries only to non-DNSSEC capable zones.

B.

Modify the Cisco Umbrella configuration to pass queries only to non-DNSSEC capable zones.

Answers
C.

Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional.

C.

Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional.

Answers
D.

Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.

D.

Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.

Answers
Suggested answer: D

Question 596

Report
Export
Collapse

Which Cisco security solution provides patch management in the cloud?

A.

Cisco Umbrella

A.

Cisco Umbrella

Answers
B.

Cisco ISE

B.

Cisco ISE

Answers
C.

Cisco CloudLock

C.

Cisco CloudLock

Answers
D.

Cisco Tetration

D.

Cisco Tetration

Answers
Suggested answer: C

Question 597

Report
Export
Collapse

Refer to the exhibit,

which command results in these messages when attempting to troubleshoot an iPsec VPN connection?

A.

debug crypto isakmp

A.

debug crypto isakmp

Answers
B.

debug crypto ipsec endpoint

B.

debug crypto ipsec endpoint

Answers
C.

debug crypto Ipsec

C.

debug crypto Ipsec

Answers
D.

debug crypto isakmp connection

D.

debug crypto isakmp connection

Answers
Suggested answer: A

Question 598

Report
Export
Collapse

Which Cisco Umbrella package supports selective proxy for Inspection of traffic from risky domains?

A.

SIG Advantage

A.

SIG Advantage

Answers
B.

DNS Security Essentials

B.

DNS Security Essentials

Answers
C.

SIG Essentials

C.

SIG Essentials

Answers
D.

DNS Security Advantage

D.

DNS Security Advantage

Answers
Suggested answer: C

Question 599

Report
Export
Collapse

A security engineer must add destinations into a destination list in Cisco Umbrella. What describes the application of these changes?

A.

The changes are applied immediately it the destination list is part or a policy.

A.

The changes are applied immediately it the destination list is part or a policy.

Answers
B.

The destination list must be removed from the policy before changes are made to It.

B.

The destination list must be removed from the policy before changes are made to It.

Answers
C.

The changes are applied only after the configuration is saved in Cisco Umbrella.

C.

The changes are applied only after the configuration is saved in Cisco Umbrella.

Answers
D.

The user role of Block Page Bypass or higher is needed to perform these changes.

D.

The user role of Block Page Bypass or higher is needed to perform these changes.

Answers
Suggested answer: A

Question 600

Report
Export
Collapse

Which solution is more secure than the traditional use of a username and password and encompasses at least two of the methods of authentication?

A.

single-sign on

A.

single-sign on

Answers
B.

RADIUS/LDAP authentication

B.

RADIUS/LDAP authentication

Answers
C.

Kerberos security solution

C.

Kerberos security solution

Answers
D.

multifactor authentication

D.

multifactor authentication

Answers
Suggested answer: D
Total 631 questions
Go to page: of 64
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms