Leading 350-701 Study Guide For Implementing And Operating Cisco Security Core Technologies Certification

June 10, 2020 350-701

Passleader 350-701 Questions are updated and all 350-701 answers are verified by experts. Once you have completely prepared with our 350-701 exam prep kits you will be ready for the real 350-701 exam without a problem. We have Improved Cisco 350-701 dumps study guide. PASSED 350-701 First attempt! Here What I Did.

Check 350-701 free dumps before getting the full version:

NEW QUESTION 1
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment?

  • A. NGFW
  • B. AMP
  • C. WSA
  • D. ESA

Answer: B

NEW QUESTION 2
In which cloud services model is the tenant responsible for virtual machine OS patching?

  • A. IaaS
  • B. UCaaS
  • C. PaaS
  • D. SaaS

Answer: A

Explanation:
Reference: https://www.cmswire.com/cms/information-management/cloud-service-models-iaas-saas-paas-how-microsoft-office-365-azure-fit-in-021672.php

NEW QUESTION 3
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  • A. multiple context mode
  • B. user deployment of Layer 3 networks
  • C. IPv6
  • D. clustering

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96-qsg/asav-aws.html

NEW QUESTION 4
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two.)

  • A. Patch for cross-site scripting.
  • B. Perform backups to the private cloud.
  • C. Protect against input validation and character escapes in the endpoint.
  • D. Install a spam and virus email filter.
  • E. Protect systems with an up-to-date antimalware program.

Answer: DE

NEW QUESTION 5
Which SNMPv3 configuration must be used to support the strongest security possible?

  • A. asa-host(config)#snmp-server group myv3 v3 priv asa-host(config)#snmp-server user andy myv3 auth sha cisco priv des ciscXXXXXXXX asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • B. asa-host(config)#snmp-server group myv3 v3 noauth asa- host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX asa- host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • C. asa-host(config)#snmp- server group myv3 v3 noauth asa-host(config)#snmp-server user andy myv3 auth sha cisco priv 3des ciscXXXXXXXXasa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • D. asa- host(config)#snmp-server group myv3 v3 priv asa-host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy

Answer: D

NEW QUESTION 6
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

  • A. PaaS
  • B. XaaS
  • C. IaaS
  • D. SaaS

Answer: A

NEW QUESTION 7
Which two capabilities does TAXII support? (Choose two.)

  • A. exchange
  • B. pull messaging
  • C. binding
  • D. correlation
  • E. mitigating

Answer: BC

NEW QUESTION 8
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?

  • A. smurf
  • B. distributed denial of service
  • C. cross-site scripting
  • D. rootkit exploit

Answer: C

NEW QUESTION 9
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

  • A. correlation
  • B. intrusion
  • C. access control
  • D. network discovery

Answer: D

NEW QUESTION 10
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?

  • A. SNMP
  • B. SMTP
  • C. syslog
  • D. model-driven telemetry

Answer: D

Explanation:
Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide

NEW QUESTION 11
What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two.)

  • A. data exfiltration
  • B. command and control communication
  • C. intelligent proxy
  • D. snort
  • E. URL categorization

Answer: AB

Explanation:
Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cognitive-threat-analytics/at-a-glance-c45-736555.pdf

NEW QUESTION 12
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)

  • A. phishing
  • B. brute force
  • C. man-in-the-middle
  • D. DDOS
  • E. tear drop

Answer: BC

NEW QUESTION 13
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two.)

  • A. TACACS+
  • B. central web auth
  • C. single sign-on
  • D. multiple factor auth
  • E. local web auth

Answer: BE

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01110.html

NEW QUESTION 14
Refer to the exhibit.
350-701 dumps exhibit
What does the number 15 represent in this configuration?

  • A. privilege level for an authorized user to this router
  • B. access list that identifies the SNMP devices that can access the router
  • C. interval in seconds between SNMPv3 authentication attempts
  • D. number of possible failed attempts until the SNMPv3 user is locked out

Answer: B

NEW QUESTION 15
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)

  • A. computer identity
  • B. Windows service
  • C. user identity
  • D. Windows firewall
  • E. default browser

Answer: BC

NEW QUESTION 16
Which API is used for Content Security?

  • A. NX-OS API
  • B. IOS XR API
  • C. OpenVuln API
  • D. AsyncOS API

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma12-0/api/b_SMA_API_12/test_chapter_01.html

NEW QUESTION 17
Where are individual sites specified to be blacklisted in Cisco Umbrella?

  • A. application settings
  • B. content categories
  • C. security settings
  • D. destination lists

Answer: D

NEW QUESTION 18
Which two key and block sizes are valid for AES? (Choose two.)

  • A. 64-bit block size, 112-bit key length
  • B. 64-bit block size, 168-bit key length
  • C. 128-bit block size, 192-bit key length
  • D. 128-bit block size, 256-bit key length
  • E. 192-bit block size, 256-bit key length

Answer: CD

Explanation:
Reference: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

NEW QUESTION 19
Which ASA deployment mode can provide separation of management on a shared appliance?

  • A. DMZ multiple zone mode
  • B. transparent firewall mode
  • C. multiple context mode
  • D. routed mode

Answer: C

NEW QUESTION 20
Refer to the exhibit.
350-701 dumps exhibit
Which statement about the authentication protocol used in the configuration is true?

  • A. The authentication request contains only a password
  • B. The authentication request contains only a username
  • C. The authentication and authorization requests are grouped in a single packet.
  • D. There are separate authentication and authorization request packets.

Answer: C

NEW QUESTION 21
Which technology is used to improve web traffic performance by proxy caching?

  • A. WSA
  • B. Firepower
  • C. FireSIGHT
  • D. ASA

Answer: A

NEW QUESTION 22
......

P.S. prep-labs.com now are offering 100% pass ensure 350-701 dumps! All 350-701 exam questions have been updated with correct answers: https://www.prep-labs.com/dumps/350-701/ (102 New Questions)


Related posts:

  1. Replace 350-701 Testing Software For Implementing And Operating Cisco Security Core Technologies Certification