Get Perfect Results with Premium 350-701 Dumps Updated 607 Questions [Q21-Q46]

Share

Get Perfect Results with Premium 350-701 Dumps Updated 607 Questions

Free 350-701 Exam Study Guide for the NEW Dumps Test Engine


Cisco 350-701 exam is a 120-minute test that comprises a variety of question formats, including multiple-choice, drag-and-drop, and simulations. 350-701 exam is conducted in English and can be taken at any Pearson VUE test center worldwide. 350-701 exam fee is $400, and candidates can register for the exam on the Pearson VUE website.

 

NEW QUESTION # 21
Refer to the exhibit.

A network administrator configures command authorization for the admm5 user. What is the admin5 user able to do on HQ_Router after this configuration?

  • A. complete all configurations
  • B. add subinterfaces
  • C. set the IP address of an interface
  • D. complete no configurations

Answer: D


NEW QUESTION # 22
Which RADIUS attribute can you use to filter MAB requests in an 802.1 x deployment?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

Explanation:
Because MAB uses the MAC address as a username and password, you should make sure that the RADIUS server can differentiate MAB requests from other types of requests for network access. This precaution will prevent other clients from attempting to use a MAC address as a valid credential. Cisco switches uniquely identify MAB requests by setting Attribute 6 (Service-Type) to 10 (Call-Check) in a MAB Access-Request message. Therefore, you can use Attribute 6 to filter MAB requests at the RADIUS server.
Because MAB uses the MAC address as a username and password, you should make sure that the RADIUS server can differentiate MAB requests from other types of requests for network access. This precaution will prevent other clients from attempting to use a MAC address as a valid credential. Cisco switches uniquely identify MAB requests by setting Attribute 6 (Service-Type) to 10 (Call-Check) in a MAB Access-Request message. Therefore, you can use Attribute 6 to filter MAB requests at the RADIUS server.
Reference:
Because MAB uses the MAC address as a username and password, you should make sure that the RADIUS server can differentiate MAB requests from other types of requests for network access. This precaution will prevent other clients from attempting to use a MAC address as a valid credential. Cisco switches uniquely identify MAB requests by setting Attribute 6 (Service-Type) to 10 (Call-Check) in a MAB Access-Request message. Therefore, you can use Attribute 6 to filter MAB requests at the RADIUS server.


NEW QUESTION # 23
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

  • A. IaaS
  • B. XaaS
  • C. SaaS
  • D. PaaS

Answer: D


NEW QUESTION # 24
How is Cisco Umbrella configured to log only security events?

  • A. per policy
  • B. in the Reporting settings
  • C. per network in the Deployments section
  • D. in the Security Settings section

Answer: A

Explanation:
The logging of your identities' activities is set per-policy when you first create a policy. By default, logging is on and set to log all requests an identity makes to reach destinations. At any time after you create a policy, you can change what level of identity activity Umbrella logs.
From the Policy wizard, log settings are:
Log All Requests-For full logging, whether for content, security or otherwise Log Only Security Events-For security logging only, which gives your users more privacy-a good setting for people with the roaming client installed on personal devices Don't Log Any Requests-Disables all logging. If you select this option, most reporting for identities with this policy will not be helpful as nothing is logged to report on.


NEW QUESTION # 25
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?

  • A. Context Visibility
  • B. RADIUS Live Logs
  • C. Adaptive Network Control Policy List
  • D. Accounting Reports

Answer: B

Explanation:
How To Troubleshoot ISE Failed Authentications & Authorizations
Check the ISE Live Logs
Login to the primary ISE Policy Administration Node (PAN).
Go to Operations > RADIUS > Live Logs
(Optional) If the event is not present in the RADIUS Live Logs, go to Operations > Reports > Reports > Endpoints and Users > RADIUS Authentications Check for Any Failed Authentication Attempts in the Log


NEW QUESTION # 26
Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to network resources?

  • A. Client provisioning
  • B. MAC authentication bypass
  • C. Simple Certificate Enrollment Protocol
  • D. BYOD on boarding

Answer: D

Explanation:
When supporting personal devices on a corporate network, you must protect network services and enterprise data by authenticating and authorizing users (employees, contractors, and guests) and their devices. Cisco ISE provides the tools you need to allow employees to securely use personal devices on a corporate network. Guests can add their personal devices to the network by running the native supplicant provisioning (Network Setup Assistant), or by adding their devices to the My Devices portal. Because native supplicant profiles are not available for all devices, users can use the My Devices portal to add these devices manually; or you can configure Bring Your Own Device (BYOD) rules to register these devices. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/ m_ise_devices_byod.html data by authenticating and authorizing users (employees, contractors, and guests) and their devices. Cisco ISE provides the tools you need to allow employees to securely use personal devices on a corporate network.
Guests can add their personal devices to the network by running the native supplicant provisioning (Network Setup Assistant), or by adding their devices to the My Devices portal.
Because native supplicant profiles are not available for all devices, users can use the My Devices portal to add these devices manually; or you can configure Bring Your Own Device (BYOD) rules to register these devices.
Reference:
When supporting personal devices on a corporate network, you must protect network services and enterprise data by authenticating and authorizing users (employees, contractors, and guests) and their devices. Cisco ISE provides the tools you need to allow employees to securely use personal devices on a corporate network. Guests can add their personal devices to the network by running the native supplicant provisioning (Network Setup Assistant), or by adding their devices to the My Devices portal. Because native supplicant profiles are not available for all devices, users can use the My Devices portal to add these devices manually; or you can configure Bring Your Own Device (BYOD) rules to register these devices. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/ m_ise_devices_byod.html


NEW QUESTION # 27
What does Cisco AMP for Endpoints use to help an organization detect different families of malware?

  • A. Clam AV Engine to perform email scanning
  • B. Spero Engine with machine learning to perform dynamic analysis
  • C. Ethos Engine to perform fuzzy fingerprinting
  • D. Tetra Engine to detect malware when me endpoint is connected to the cloud

Answer: C

Explanation:
ETHOS is the Cisco file grouping engine. It allows us to group families of files together so if we see variants of a malware, we mark the ETHOS hash as malicious and whole families of malware are instantly detected. Reference: https://docs.amp.cisco.com/AMP%20for%20Endpoints%20User%20Guide.pdf ETHOS = Fuzzy Fingerprinting using static/passive heuristics a malware, we mark the ETHOS hash as malicious and whole families of malware are instantly detected.
Reference:
ETHOS is the Cisco file grouping engine. It allows us to group families of files together so if we see variants of a malware, we mark the ETHOS hash as malicious and whole families of malware are instantly detected. Reference: https://docs.amp.cisco.com/AMP%20for%20Endpoints%20User%20Guide.pdf ETHOS = Fuzzy Fingerprinting using static/passive heuristics


NEW QUESTION # 28
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?

  • A. STIX
  • B. pxGrid
  • C. SMTP
  • D. XMPP

Answer: A

Explanation:
Explanation
TAXII (Trusted Automated Exchange of Indicator Information) is a standard that provides a transport


NEW QUESTION # 29
What is the most common type of data exfiltration that organizations currently experience?

  • A. Microsoft Windows network shares
  • B. encrypted SMTP
  • C. SQL database injections
  • D. HTTPS file upload site

Answer: D


NEW QUESTION # 30
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?

  • A. Device Management Policy
  • B. Group Policy
  • C. Platform Service Policy
  • D. Access Control Policy

Answer: C

Explanation:
Explanation Cisco Firepower deployments can take advantage of platform settings policies. A platform settings policy is a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in your deployment, such as time settings and external authentication. Examples of these platform settings policies are time and date settings, external authentication, and other common administrative features. A shared policy makes it possible to configure multiple managed devices at once, which provides consistency in your deployment and streamlines your management efforts. Any changes to a platform settings policy affects all the managed devices where you applied the policy. Even if you want different settings per device, you must create a shared policy and apply it to the desired device. For example, your organization's security policies may require that your appliances have a "No Unauthorized Use" message when a user logs in. With platform settings, you can set the login banner once in a platform settings policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/platform_settings_policies_for_managed_devices.html Therefore the answer should be "Platform Settings Policy", not "Platform Service Policy" but it is the best answer here so we have to choose it.
Cisco Firepower deployments can take advantage of platform settings policies. A platform settings policy is a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in your deployment, such as time settings and external authentication. Examples of these platform settings policies are time and date settings, external authentication, and other common administrative features.
A shared policy makes it possible to configure multiple managed devices at once, which provides consistency in your deployment and streamlines your management efforts. Any changes to a platform settings policy affects all the managed devices where you applied the policy. Even if you want different settings per device, you must create a shared policy and apply it to the desired device.
For example, your organization's security policies may require that your appliances have a "No Unauthorized Use" message when a user logs in. With platform settings, you can set the login banner once in a platform settings policy.
Reference:
Therefore the answer should be "Platform Settings Policy", not "Platform Service Policy" but it is the best Explanation Cisco Firepower deployments can take advantage of platform settings policies. A platform settings policy is a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in your deployment, such as time settings and external authentication. Examples of these platform settings policies are time and date settings, external authentication, and other common administrative features. A shared policy makes it possible to configure multiple managed devices at once, which provides consistency in your deployment and streamlines your management efforts. Any changes to a platform settings policy affects all the managed devices where you applied the policy. Even if you want different settings per device, you must create a shared policy and apply it to the desired device. For example, your organization's security policies may require that your appliances have a "No Unauthorized Use" message when a user logs in. With platform settings, you can set the login banner once in a platform settings policy. Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/platform_settings_policies_for_managed_devices.html Therefore the answer should be "Platform Settings Policy", not "Platform Service Policy" but it is the best answer here so we have to choose it.


NEW QUESTION # 31
Which feature must be configured before implementing NetFlow on a router?

  • A. VRF
  • B. syslog
  • C. SNMPv3
  • D. IP routing

Answer: D


NEW QUESTION # 32
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

  • A. file analysis
  • B. detections
  • C. prevalence
  • D. threat root cause
  • E. vulnerable software

Answer: C


NEW QUESTION # 33
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

  • A. web page images
  • B. Linux and Windows operating systems
  • C. user input validation in a web page or web application
  • D. database

Answer: D

Explanation:
Explanation/Reference: https://tools.cisco.com/security/center/resources/sql_injection


NEW QUESTION # 34
Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.

Answer:

Explanation:


NEW QUESTION # 35
A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability. What is the connection status in both cases?

  • A. preserved with both stateful and stateless failover
  • B. preserved with stateful failover and need to be reestablished with stateless failover
  • C. need to be reestablished with both stateful and stateless failover
  • D. need to be reestablished with stateful failover and preserved with stateless failover

Answer: B


NEW QUESTION # 36
Refer to the exhibit.

An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing?

  • A. cisp enable
  • B. dot1x pae authenticator
  • C. dotlx reauthentication
  • D. authentication open

Answer: B


NEW QUESTION # 37
An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

  • A. Add entries in the DHCP snooping database
  • B. Set a trusted interface for the DHCP server
  • C. Set the DHCP snooping bit to 1
  • D. Enable ARP inspection for the required VLAN

Answer: B

Explanation:
To understand DHCP snooping we need to learn about DHCP spoofing attack first.

DHCP spoofing is a type of attack in that the attacker listens for DHCP Requests from clients and answers them with fake DHCP Response before the authorized DHCP Response comes to the clients. The fake DHCP Response often gives its IP address as the client default gateway -> all the traffic sent from the client will go through the attacker computer, the attacker becomes a "man-in-the-middle".
The attacker can have some ways to make sure its fake DHCP Response arrives first. In fact, if the attacker is "closer" than the DHCP Server then he doesn't need to do anything. Or he can DoS the DHCP Server so that it can't send the DHCP Response.
DHCP snooping can prevent DHCP spoofing attacks. DHCP snooping is a Cisco Catalyst feature that determines which switch ports can respond to DHCP requests. Ports are identified as trusted and untrusted.

Only ports that connect to an authorized DHCP server are trusted, and allowed to send all types of DHCP messages. All other ports on the switch are untrusted and can send only DHCP requests. If a DHCP response is seen on an untrusted port, the port is shut down.


NEW QUESTION # 38
Refer to the exhibit.

Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?

  • A. No split-tunnel policy is defined on the Firepower Threat Defense appliance.
  • B. Site-to-site VPN preshared keys are mismatched.
  • C. The access control policy is not allowing VPN traffic in.
  • D. Site-to-site VPN peers are using different encryption algorithms.

Answer: A


NEW QUESTION # 39
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose two.)

  • A. permit
  • B. allow
  • C. monitor
  • D. trust
  • E. reset

Answer: B,D

Explanation:


NEW QUESTION # 40
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?

  • A. time synchronization
  • B. intrusion policy
  • C. quality of service
  • D. network address translations

Answer: D


NEW QUESTION # 41
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

  • A. IaaS
  • B. XaaS
  • C. SaaS
  • D. PaaS

Answer: D

Explanation:
Explanation
Cloud computing can be broken into the following three basic models:
+ Infrastructure as a Service (IaaS): IaaS describes a cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed. This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk. This model is similar to a utility company model because you pay for what you use.
+ Platform as a Service (PaaS): PaaS provides everything except applications. Services provided by this model include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software. These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider's platform.
+ Software as a Service (SaaS): SaaS is designed to provide a complete packaged solution. The software is rented out to the user. The service is usually provided through some type of front end or web portal. While the end user is free to use the service from anywhere, the company pays a peruse fee.


NEW QUESTION # 42
Which compliance status is shown when a configured posture policy requirement is not met?

  • A. authorized
  • B. unknown
  • C. noncompliant
  • D. compliant

Answer: B


NEW QUESTION # 43
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  • A. clustering
  • B. multiple context mode
  • C. user deployment of Layer 3 networks
  • D. IPv6

Answer: C

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96-qsg/asav- aws.html


NEW QUESTION # 44
Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?

  • A. SafeSearch
  • B. Destination Lists
  • C. File Analysis
  • D. SSL Decryption

Answer: D

Explanation:
SSL Decryption is an important part of the Umbrella Intelligent Proxy. he feature allows the Intelligent Proxy to go beyond simply inspecting normal URLs and actually proxy and inspect traffic that's sent over HTTPS. The SSL Decryption feature does require the root certificate be installed.
SSL Decryption is an important part of the Umbrella Intelligent Proxy. he feature allows the Intelligent Proxy to go beyond simply inspecting normal URLs and actually proxy and inspect traffic that's sent over HTTPS. The SSL Decryption feature does require the root certificate be installed.
Reference:
SSL Decryption is an important part of the Umbrella Intelligent Proxy. he feature allows the Intelligent Proxy to go beyond simply inspecting normal URLs and actually proxy and inspect traffic that's sent over HTTPS. The SSL Decryption feature does require the root certificate be installed.


NEW QUESTION # 45
What is the intent of a basic SYN flood attack?

  • A. to cause the buffer to overflow
  • B. to exceed the threshold limit of the connection queue
  • C. to flush the register stack to re-initiate the buffers
  • D. to solicit DNS responses

Answer: B


NEW QUESTION # 46
......

350-701 PDF Dumps Extremely Quick Way Of Preparation: https://www.bootcamppdf.com/350-701_exam-dumps.html

Download 350-701 Dumps (2023) - Free PDF Exam Demo: https://drive.google.com/open?id=1MrYgNtTccr77aPYgdQbnYPVfX5GsLoje