Embark upon your scholastic journey, anchored by the intellectual heft of the 350-701 dumps. Astutely designed to resonate with the kaleidoscopic nuances of the curriculum, the 350-701 dumps encompass a diverse spectrum of practice questions, ensuring scholarly depth. Be it the succinct elegance of PDFs or the immersive allure of the VCE format, the 350-701 dumps never fail to impress. An evocative study guide, emblematic of the 350-701 dumps, acts as a beacon, spotlighting areas of significance. Rooted in our unwavering belief in the capabilities of these tools, we proudly proclaim our 100% Pass Guarantee.
[New to the Library] Empower your exam studies with the complimentary 350-701 PDF and Exam Questions, aiming for perfection
Question 1:
A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)
A. Segment different departments to different IP blocks and enable Dynamic ARP Inspection on all VLANs
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
C. Ensure that a user cannot enter the network of another department.
D. Perform a posture check to allow only network access to those Windows devices that are already patched.
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW.
Correct Answer: BD
Question 2:
What is the function of SDN southbound API protocols?
A. to allow for the dynamic configuration of control plane applications
B. to enable the controller to make changes
C. to enable the controller to use REST
D. to allow for the static configuration of control plane applications
Correct Answer: B
Reference: https://www.ciscopress.com/articles/article.asp?p=3004581&seqNum=2
Note: Southbound APIs help us communicate with data plane (not control plane) applications.
Question 3:
Which DoS attack uses fragmented packets to crash a target machine?
A. smurf
B. MITM
C. teardrop
D. LAND
Correct Answer: C
A teardrop attack is a denial-of-service (DoS) attack that involves sending fragmented packets to a target machine. Since the machine receiving such packets cannot reassemble them due to a bug in TCP/IP fragmentation reassembly, the packets overlap one another, crashing the target network device. This generally happens on older operating systems such as Windows 3.1x, Windows 95, Windows NT and versions of the Linux kernel prior to 2.1.63.
Question 4:
An engineer is trying to decide between using L2TP or GRE over IPsec for their site-to-site VPN implementation. What must be un solution?
A. L2TP is an IP packet encapsulation protocol, and GRE over IPsec is a tunneling protocol.
B. L2TP uses TCP port 47 and GRE over IPsec uses UDP port 1701.
C. GRE over IPsec adds its own header, and L2TP does not.
D. GRE over IPsec cannot be used as a standalone protocol, and L2TP can.
Correct Answer: A
Question 5:
Which two components do southbound APIs use to communicate with downstream devices? (Choose two.)
A. services running over the network
B. OpenFlow
C. external application APIs
D. applications running over the network
E. OpFlex
Correct Answer: BE
Question 6:
Refer to the exhibit.
What does the number 15 represent in this configuration?
A. privilege level for an authorized user to this router
B. access list that identifies the SNMP devices that can access the router
C. interval in seconds between SNMPv3 authentication attempts
D. number of possible failed attempts until the SNMPv3 user is locked out
Correct Answer: B
The syntax of this command is shown below:
snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write write-view] [notify notify-view] [access access-list]
The command above restricts which IP source addresses are allowed to access SNMP functions on the router. You could restrict SNMP access by simply applying an interface ACL to block incoming SNMP packets that don't come from trusted servers. However, this would not be as effective as using the global SNMP commands shown in this recipe. Because you can apply this method once for the whole router, it is much simpler than applying ACLs to block SNMP on all interfaces separately. Also, using interface ACLs would block not only SNMP packets intended for this router, but also may stop SNMP packets that just happened to be passing through on their way to some other destination device.
Question 7:
How does a cloud access security broker function?
A. It is an authentication broker to enable single sign-on and multi-factor authentication for a cloud solution
B. It integrates with other cloud solutions via APIs and monitors and creates incidents based on events from the cloud solution
C. It acts as a security information and event management solution and receives syslog from other cloud solutions.
D. It scans other cloud solutions being used within the network and identifies vulnerabilities
Correct Answer: B
A Cloud Access Security Broker (CASB) is a security solution that integrates with cloud solutions such as Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) via APIs. It monitors cloud usage and creates incidents based on events from the cloud solution. This allows organizations to gain visibility into and control over their cloud usage, helping to protect against security threats and ensure compliance with security policies and regulations. CASBs can perform a variety of security-related functions, including identity and access management, data loss prevention, threat protection, and compliance enforcement, among others. By acting as an intermediary between cloud solutions and the organization, CASBs help to bridge the gap between security and cloud adoption, allowing organizations to securely adopt and manage cloud services.
Question 8:
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
A. consumption
B. sharing
C. analysis
D. authoring
Correct Answer: A
We will showcase Cisco Threat Intelligence Director (CTID), an exciting feature on Cisco's Firepower Management Center (FMC) product offering that automates the operationalization of threat intelligence. TID has the ability to consume threat intelligence via STIX over TAXII and allows uploads/downloads of STIX and simple blacklists.
Reference: https://blogs.cisco.com/developer/automate-threat-intelligence-using-cisco-threat-intelligence-director
Question 9:
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment?
A. NGFW
B. AMP
C. WSA
D. ESA
Correct Answer: B
Question 10:
Refer to the exhibit.
What are two indications of the Cisco Firepower Services Module configuration? (Choose two.)
A. The module is operating in IDS mode.
B. The module fails to receive redirected traffic
C. Traffic is blocked if the module fails.
D. Traffic continues to flow if the module fails.
E. The module is operating in IPS mode.
Correct Answer: AD
sfr {fail-open | fail-close [monitor-only]} <- There's a couple different options here. The first one is fail-open which means that if the Firepower software module is unavailable, the ASA will continue to forward traffic. fail-close means that if the Firepower module fails, the traffic will stop flowing. While this doesn't seem ideal, there might be a use case for it when securing highly regulated environments. The monitor-only switch can be used with both and basically puts the Firepower services into IDS-mode only. This might be useful for initial testing or setup.
Question 11:
Drag and drop the concepts from the left onto the correct descriptions on the right.
Select and Place:
Correct Answer:
Question 12:
What is the Cisco API-based broker that helps reduce compromises, application risks, and data breaches in an environment that is not on-premise?
A. Cisco Cloudlock
B. Cisco Umbrella
C. Cisco AMP
D. Cisco App Dynamics
Correct Answer: A
Cisco Cloudlock is a cloud-native cloud access security broker (CASB) that helps you move to the cloud safely. It protects your cloud users, data, and apps. Cisco Cloudlock provides visibility and compliance checks, protects data against misuse and exfiltration, and provides threat protections against malware like ransomware.
Question 13:
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature?
A. 3
B. 5
C. 10
D. 12
Correct Answer: D
Question 14:
What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?
A. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for Endpoints tracks only URL-based threats.
B. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity
C. AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity.
D. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats.
Correct Answer: B
Question 15:
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. Security Intelligence
B. Impact Flags
C. Health Monitoring
D. URL Filtering
Correct Answer: B
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKSEC-3300.pdf