ExamGecko
Search Search Login
Home Home / Cisco / 350-701

Cisco 350-701 Practice Test - Questions Answers, Page 9

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
What is a characteristic of Dynamic ARP Inspection?
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

Question 81

Report
Export
Collapse

In which cloud services model is the tenant responsible for virtual machine OS patching?

A.

IaaS

A.

IaaS

Answers
B.

UCaaS

B.

UCaaS

Answers
C.

PaaS

C.

PaaS

Answers
D.

SaaS

D.

SaaS

Answers
Suggested answer: A

Explanation:

Only in On-site (on-premises) and IaaS we (tenant) manage O/S (Operating System).

Question 82

Report
Export
Collapse

Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

A.

PaaS

A.

PaaS

Answers
B.

XaaS

B.

XaaS

Answers
C.

IaaS

C.

IaaS

Answers
D.

SaaS

D.

SaaS

Answers
Suggested answer: A

Explanation:

Cloud computing can be broken into the following three basic models:

+ Infrastructure as a Service (IaaS): IaaS describes a cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed. This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk. This model is similar to a utility company model because you pay for what you use.

+ Platform as a Service (PaaS): PaaS provides everything except applications. Services provided by this model include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software. These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider's platform.

+ Software as a Service (SaaS): SaaS is designed to provide a complete packaged solution. The software is rented out to the user. The service is usually provided through some type of front end or web portal. While the end user is free to use the service from anywhere, the company pays a peruse fee.

Reference: CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide

Question 83

Report
Export
Collapse

What does the Cloudlock Apps Firewall do to mitigate security concerns from an application perspective?

A.

It allows the administrator to quarantine malicious files so that the application can function, just not maliciously.

A.

It allows the administrator to quarantine malicious files so that the application can function, just not maliciously.

Answers
B.

It discovers and controls cloud apps that are connected to a company's corporate environment.

B.

It discovers and controls cloud apps that are connected to a company's corporate environment.

Answers
C.

It deletes any application that does not belong in the network.

C.

It deletes any application that does not belong in the network.

Answers
D.

It sends the application information to an administrator to act on.

D.

It sends the application information to an administrator to act on.

Answers
Suggested answer: B

Question 84

Report
Export
Collapse

Which solution protects hybrid cloud deployment workloads with application visibility and segmentation?

A.

Nexus

A.

Nexus

Answers
B.

Stealthwatch

B.

Stealthwatch

Answers
C.

Firepower

C.

Firepower

Answers
D.

Tetration

D.

Tetration

Answers
Suggested answer: D

Question 85

Report
Export
Collapse

In a PaaS model, which layer is the tenant responsible for maintaining and patching?

A.

hypervisor

A.

hypervisor

Answers
B.

virtual machine

B.

virtual machine

Answers
C.

network

C.

network

Answers
D.

application

D.

application

Answers
Suggested answer: D

Question 86

Report
Export
Collapse

On which part of the IT environment does DevSecOps focus?

A.

application development

A.

application development

Answers
B.

wireless network

B.

wireless network

Answers
C.

data center

C.

data center

Answers
D.

perimeter network

D.

perimeter network

Answers
Suggested answer: A

Question 87

Report
Export
Collapse

What is the function of Cisco Cloudlock for data security?

A.

data loss prevention

A.

data loss prevention

Answers
B.

controls malicious cloud apps

B.

controls malicious cloud apps

Answers
C.

detects anomalies

C.

detects anomalies

Answers
D.

user and entity behavior analytics

D.

user and entity behavior analytics

Answers
Suggested answer: A

Question 88

Report
Export
Collapse

An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporate network. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows 10.

What must the administrator implement to ensure that all devices are compliant before they are allowed on the network?

A.

Cisco Identity Services Engine and AnyConnect Posture module

A.

Cisco Identity Services Engine and AnyConnect Posture module

Answers
B.

Cisco Stealthwatch and Cisco Identity Services Engine integration

B.

Cisco Stealthwatch and Cisco Identity Services Engine integration

Answers
C.

Cisco ASA firewall with Dynamic Access Policies configured

C.

Cisco ASA firewall with Dynamic Access Policies configured

Answers
D.

Cisco Identity Services Engine with PxGrid services enabled

D.

Cisco Identity Services Engine with PxGrid services enabled

Answers
Suggested answer: A

Question 89

Report
Export
Collapse

An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?

A.

Port Bounce

A.

Port Bounce

Answers
B.

CoA Terminate

B.

CoA Terminate

Answers
C.

CoA Reauth

C.

CoA Reauth

Answers
D.

CoA Session Query

D.

CoA Session Query

Answers
Suggested answer: C

Question 90

Report
Export
Collapse

Which two probes are configured to gather attributes of connected endpoints using Cisco Identity Services Engine? (Choose two)

A.

RADIUS

A.

RADIUS

Answers
B.

TACACS+

B.

TACACS+

Answers
C.

DHCP

C.

DHCP

Answers
D.

sFlow

D.

sFlow

Answers
E.

SMTP

E.

SMTP

Answers
Suggested answer: A, C
Total 631 questions
Go to page: of 64
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms