Cause all that matters here is passing the Cisco 350-701 exam. Cause all that you need is a high score of 350-701 Implementing and Operating Cisco Security Core Technologies exam. The only one thing you need to do is downloading Actualtests 350-701 exam study guides now. We will not let you down with our money-back guarantee.
Cisco 350-701 Free Dumps Questions Online, Read and Test Now.
NEW QUESTION 1
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.)
- A. blocked ports
- B. simple custom detections
- C. command and control
- D. allowed applications
- E. URL
Reference: https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf chapter 2
NEW QUESTION 2
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two.)
- A. TACACS+
- B. central web auth
- C. single sign-on
- D. multiple factor auth
- E. local web auth
NEW QUESTION 3
What is a characteristic of traffic storm control behavior?
- A. Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval.
- B. Traffic storm control cannot determine if the packet is unicast or broadcast.
- C. Traffic storm control monitors incoming traffic levels over a 10-second traffic storm control interval.
- D. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast.
NEW QUESTION 4
Which command enables 802.1X globally on a Cisco switch?
- A. dot1x system-auth-control
- B. dot1x pae authenticator
- C. authentication port-control auto
- D. aaa new-model
NEW QUESTION 5
Drag and drop the descriptions from the left onto the correct protocol versions on the right.
- A. Mastered
- B. Not Mastered
NEW QUESTION 6
An engineer needs a solution for TACACS+ authentication and authorization for device administration. The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth. Which product meets all of these requirements?
- A. Cisco Prime Infrastructure
- B. Cisco Identity Services Engine
- C. Cisco Stealthwatch
- D. Cisco AMP for Endpoints
NEW QUESTION 7
How is Cisco Umbrella configured to log only security events?
- A. per policy
- B. in the Reporting settings
- C. in the Security Settings section
- D. per network in the Deployments section
NEW QUESTION 8
Which technology is used to improve web traffic performance by proxy caching?
- A. WSA
- B. Firepower
- C. FireSIGHT
- D. ASA
NEW QUESTION 9
What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?
- A. It tracks flow-create, flow-teardown, and flow-denied events.
- B. It provides stateless IP flow tracking that exports all records of a specific flow.
- C. It tracks the flow continuously and provides updates every 10 seconds.
- D. Its events match all traffic classes in parallel.
NEW QUESTION 10
Which information is required when adding a device to Firepower Management Center?
- A. username and password
- B. encryption method
- C. device serial number
- D. registration key
NEW QUESTION 11
Which two mechanisms are used to control phishing attacks? (Choose two.)
- A. Enable browser alerts for fraudulent websites.
- B. Define security group memberships.
- C. Revoke expired CRL of the websites.
- D. Use antispyware software.
- E. Implement email filtering techniques.
NEW QUESTION 12
Which benefit does endpoint security provide the overall security posture of an organization?
- A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.
- B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.
- C. It allows the organization to detect and respond to threats at the edge of the network.
- D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.
NEW QUESTION 13
Refer to the exhibit.
Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
- A. show authentication registrations
- B. show authentication method
- C. show dot1x all
- D. show authentication sessions
NEW QUESTION 14
Where are individual sites specified to be blacklisted in Cisco Umbrella?
- A. application settings
- B. content categories
- C. security settings
- D. destination lists
NEW QUESTION 15
Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?
- A. IP Blacklist Center
- B. File Reputation Center
- C. AMP Reputation Center
- D. IP and Domain Reputation Center
NEW QUESTION 16
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?
- A. quality of service
- B. time synchronization
- C. network address translations
- D. intrusion policy
NEW QUESTION 17
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)
- A. data exfiltration
- B. command and control communication
- C. intelligent proxy
- D. snort
- E. URL categorization
NEW QUESTION 18
Refer to the exhibit.
What does the number 15 represent in this configuration?
- A. privilege level for an authorized user to this router
- B. access list that identifies the SNMP devices that can access the router
- C. interval in seconds between SNMPv3 authentication attempts
- D. number of possible failed attempts until the SNMPv3 user is locked out
NEW QUESTION 19
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
- A. Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
- B. The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
- C. The IPsec configuration that is set up on the active device must be duplicated on the standby device.
- D. Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.
- E. The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
NEW QUESTION 20
Which two descriptions of AES encryption are true? (Choose two.)
- A. AES is less secure than 3DES.
- B. AES is more secure than 3DES.
- C. AES can use a 168-bit key for encryption.
- D. AES can use a 256-bit key for encryption.
- E. AES encrypts and decrypts a key three times in sequence.
NEW QUESTION 21
In a PaaS model, which layer is the tenant responsible for maintaining and patching?
- A. hypervisor
- B. virtual machine
- C. network
- D. application
NEW QUESTION 22
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
- A. phishing
- B. brute force
- C. man-in-the-middle
- D. DDOS
- E. tear drop
NEW QUESTION 23
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)
- A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
- B. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
- C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
- D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
- E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.
NEW QUESTION 24
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)
- A. Check integer, float, or Boolean string parameters to ensure accurate values.
- B. Use prepared statements and parameterized queries.
- C. Secure the connection between the web and the app tier.
- D. Write SQL code instead of using object-relational mapping libraries.
- E. Block SQL code execution in the web application database login.
NEW QUESTION 25
When web policies are configured in Cisco Umbrella, what provides the ability to ensure that domains are blocked when they host malware, command and control, phishing, and more threats?
- A. Application Control
- B. Security Category Blocking
- C. Content Category Blocking
- D. File Analysis
NEW QUESTION 26
Thanks for reading the newest 350-701 exam dumps! We recommend you to try the PREMIUM 2passeasy 350-701 dumps in VCE and PDF here: https://www.2passeasy.com/dumps/350-701/ (102 Q&As Dumps)