ExamGecko
Search Search Login
Home Home / Cisco / 350-701

Cisco 350-701 Practice Test - Questions Answers, Page 61

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
What is a characteristic of Dynamic ARP Inspection?
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

Question 601

Report
Export
Collapse

Which Cisco network security device supports contextual awareness?

A.

Firepower

A.

Firepower

Answers
B.

CISCO ASA

B.

CISCO ASA

Answers
C.

Cisco IOS

C.

Cisco IOS

Answers
D.

ISE

D.

ISE

Answers
Suggested answer: D

Question 602

Report
Export
Collapse

Which VPN provides scalability for organizations with many remote sites?

A.

DMVPN

A.

DMVPN

Answers
B.

site-to-site iPsec

B.

site-to-site iPsec

Answers
C.

SSL VPN

C.

SSL VPN

Answers
D.

GRE over IPsec

D.

GRE over IPsec

Answers
Suggested answer: A

Question 603

Report
Export
Collapse

Based on the NIST 800-145 guide, which cloud architecture is provisioned for exclusive use by a specific group of consumers from different organizations and may be owned, managed, and operated by one or more of those organizations?

A.

hybrid cloud

A.

hybrid cloud

Answers
B.

private cloud

B.

private cloud

Answers
C.

community cloud

C.

community cloud

Answers
D.

public cloud

D.

public cloud

Answers
Suggested answer: C

Question 604

Report
Export
Collapse

When MAB is configured for use within the 802.1X environment, an administrator must create a policy that allows the devices onto the network. Which information is used for the username and password?

A.

The MAB uses the IP address as username and password.

A.

The MAB uses the IP address as username and password.

Answers
B.

The MAB uses the call-station-ID as username and password.

B.

The MAB uses the call-station-ID as username and password.

Answers
C.

Each device must be set manually by the administrator.

C.

Each device must be set manually by the administrator.

Answers
D.

The MAB uses the MAC address as username and password.

D.

The MAB uses the MAC address as username and password.

Answers
Suggested answer: D

Question 605

Report
Export
Collapse

An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets this configuration requirement?

A.

Identity the network IPs and place them in a blocked list.

A.

Identity the network IPs and place them in a blocked list.

Answers
B.

Modify the advanced custom detection list to include these files.

B.

Modify the advanced custom detection list to include these files.

Answers
C.

Create an application control blocked applications list.

C.

Create an application control blocked applications list.

Answers
D.

Add a list for simple custom detection.

D.

Add a list for simple custom detection.

Answers
Suggested answer: C

Question 606

Report
Export
Collapse

DRAG DROP

Drag and drop the Cisco CWS redirection options from the left onto the capabilities on the right.


Question 606
Correct answer: Question 606

Question 607

Report
Export
Collapse

DRAG DROP

Refer to the exhibit.

An engineer must configure a Cisco switch to perform PPP authentication via a TACACS server located at IP address 10.1.1.10. Authentication must fall back to the local database using the username LocalUser and password C1Sc0451069341l if the TACACS server is unreachable.

Drag and drop the commands from the left onto the corresponding configuration steps on the right.


Question 607
Correct answer: Question 607

Question 608

Report
Export
Collapse

Which technology must De used to Implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?

A.

GET VPN

A.

GET VPN

Answers
B.

IPsec DVTI

B.

IPsec DVTI

Answers
C.

DMVPN

C.

DMVPN

Answers
D.

FlexVPN

D.

FlexVPN

Answers
Suggested answer: A

Explanation:

Group Encrypted Transport VPN (GET VPN) is used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity. GET VPN provides a way to encrypt traffic between sites without the need for point-to-point tunnels, supporting efficient, scalable, and secure communication across a broad network infrastructure.

Question 609

Report
Export
Collapse

Which two devices support WCCP for traffic redirection? (Choose two.)

A.

Cisco Secure Web Appliance

A.

Cisco Secure Web Appliance

Answers
B.

Cisco IOS

B.

Cisco IOS

Answers
C.

proxy server

C.

proxy server

Answers
D.

Cisco ASA

D.

Cisco ASA

Answers
E.

Cisco IPS

E.

Cisco IPS

Answers
Suggested answer: B, D

Explanation:

Web Cache Communication Protocol (WCCP) is supported on Cisco IOS routers and Cisco ASA firewalls. WCCP allows these devices to redirect traffic to a WCCP-capable device, such as a web cache or a Cisco Secure Web Appliance, for processing. This redirection can be used for tasks like content filtering, web caching, and load balancing.

Question 610

Report
Export
Collapse

Which two types of connectors are used to generate telemetry data from IPFIX records in a Cisco Secure Workload implementation? (Choose two.)

A.

ADC

A.

ADC

Answers
B.

ERSPAN

B.

ERSPAN

Answers
C.

Cisco ASA

C.

Cisco ASA

Answers
D.

NetFlow

D.

NetFlow

Answers
E.

Cisco Secure Workload

E.

Cisco Secure Workload

Answers
Suggested answer: D, E

Explanation:

In a Cisco Secure Workload implementation, telemetry data can be generated from IPFIX (Internet Protocol Flow Information Export) records using NetFlow connectors and Cisco Secure Workload itself. NetFlow provides insights into network traffic flow and volume, while Cisco Secure Workload uses this data for visibility, segmentation, and security analytics within the data center.

Total 631 questions
Go to page: of 64
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms