New Year Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

350-701 Questions and Answers

Question # 6

Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.

Full Access
Question # 7

Drag and drop the solutions from the left onto the solution's benefits on the right.

Full Access
Question # 8

What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services?

(Choose two)

A.

multiple factor auth

B.

local web auth

C.

single sign-on

D.

central web auth

E.

TACACS+

Full Access
Question # 9

Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)

A.

Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS

B.

Cisco FTDv with one management interface and two traffic interfaces configured

C.

Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises

D.

Cisco FTDv with two management interfaces and one traffic interface configured

E.

Cisco FTDv configured in routed mode and IPv6 configured

Full Access
Question # 10

A network administrator is configuring a rule in an access control policy to block certain URLs and selects the “Chat and Instant Messaging” category. Which reputation score should be selected to accomplish this goal?

A.

1

B.

3

C.

5

D.

10

Full Access
Question # 11

Drag and drop the descriptions from the left onto the correct protocol versions on the right.

Full Access
Question # 12

Which two preventive measures are used to control cross-site scripting? (Choose two)

A.

Enable client-side scripts on a per-domain basis.

B.

Incorporate contextual output encoding/escaping.

C.

Disable cookie inspection in the HTML inspection engine.

D.

Run untrusted HTML input through an HTML sanitization engine.

E.

Same Site cookie attribute should not be used.

Full Access
Question # 13

What is a capability of Cisco ASA Netflow?

A.

It filters NSEL events based on traffic

B.

It generates NSEL events even if the MPF is not configured

C.

It logs all event types only to the same collector

D.

It sends NetFlow data records from active and standby ASAs in an active standby failover pair

Full Access
Question # 14

Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current

encryption technology?

A.

3DES

B.

RSA

C.

DES

D.

AES

Full Access
Question # 15

An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web traffic. Which action will accomplish this task?

A.

Set content settings to High

B.

Configure the intelligent proxy.

C.

Use destination block lists.

D.

Configure application block lists.

Full Access
Question # 16

Which function is the primary function of Cisco AMP threat Grid?

A.

automated email encryption

B.

applying a real-time URI blacklist

C.

automated malware analysis

D.

monitoring network traffic

Full Access
Question # 17

For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two)

A.

Windows service

B.

computer identity

C.

user identity

D.

Windows firewall

E.

default browser

Full Access
Question # 18

Which parameter is required when configuring a Netflow exporter on a Cisco Router?

A.

DSCP value

B.

Source interface

C.

Exporter name

D.

Exporter description

Full Access
Question # 19

When Cisco and other industry organizations publish and inform users of known security findings and

vulnerabilities, which name is used?

A.

Common Security Exploits

B.

Common Vulnerabilities and Exposures

C.

Common Exploits and Vulnerabilities

D.

Common Vulnerabilities, Exploits and Threats

Full Access
Question # 20

Refer to the exhibit.

Which command was used to display this output?

A.

show dot1x all

B.

show dot1x

C.

show dot1x all summary

D.

show dot1x interface gi1/0/12

Full Access
Question # 21

An administrator is trying to determine which applications are being used in the network but does not want the

network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?

A.

NetFlow

B.

Packet Tracer

C.

Network Discovery

D.

Access Control

Full Access
Question # 22

Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

A.

To view bandwidth usage for NetFlow records, the QoS feature must be enabled.

B.

A sysopt command can be used to enable NSEL on a specific interface.

C.

NSEL can be used without a collector configured.

D.

A flow-export event type must be defined under a policy

Full Access
Question # 23

After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?

A.

Modify an access policy

B.

Modify identification profiles

C.

Modify outbound malware scanning policies

D.

Modify web proxy settings

Full Access
Question # 24

What is the role of Cisco Umbrella Roaming when it is installed on an endpoint?

A.

To protect the endpoint against malicious file transfers

B.

To ensure that assets are secure from malicious links on and off the corporate network

C.

To establish secure VPN connectivity to the corporate network

D.

To enforce posture compliance and mandatory software

Full Access
Question # 25

An administrator configures a Cisco WSA to receive redirected traffic over ports 80 and 443. The organization requires that a network device with specific WSA integration capabilities be configured to send the traffic to the WSA to proxy the requests and increase visibility, while making this invisible to the users. What must be done on the Cisco WSA to support these requirements?

A.

Configure transparent traffic redirection using WCCP in the Cisco WSA and on the network device

B.

Configure active traffic redirection using WPAD in the Cisco WSA and on the network device

C.

Use the Layer 4 setting in the Cisco WSA to receive explicit forward requests from the network device

D.

Use PAC keys to allow only the required network devices to send the traffic to the Cisco WSA

Full Access
Question # 26

How does Cisco Stealthwatch Cloud provide security for cloud environments?

A.

It delivers visibility and threat detection.

B.

It prevents exfiltration of sensitive data.

C.

It assigns Internet-based DNS protection for clients and servers.

D.

It facilitates secure connectivity between public and private networks.

Full Access
Question # 27

Which portion of the network do EPP solutions solely focus on and EDR solutions do not?

A.

server farm

B.

perimeter

C.

core

D.

East-West gateways

Full Access
Question # 28

What are the two types of managed Intercloud Fabric deployment models? (Choose two)

A.

Service Provider managed

B.

Public managed

C.

Hybrid managed

D.

User managed

E.

Enterprise managed

Full Access
Question # 29

What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?

A.

Multiple NetFlow collectors are supported

B.

Advanced NetFlow v9 templates and legacy v5 formatting are supported

C.

Secure NetFlow connections are optimized for Cisco Prime Infrastructure

D.

Flow-create events are delayed

Full Access
Question # 30

What is the difference between deceptive phishing and spear phishing?

A.

Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.

B.

A spear phishing campaign is aimed at a specific person versus a group of people.

C.

Spear phishing is when the attack is aimed at the C-level executives of an organization.

D.

Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.

Full Access
Question # 31

When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the

command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?

A.

The key server that is managing the keys for the connection will be at 1.2.3.4

B.

The remote connection will only be allowed from 1.2.3.4

C.

The address that will be used as the crypto validation authority

D.

All IP addresses other than 1.2.3.4 will be allowed

Full Access
Question # 32

Which posture assessment requirement provides options to the client for remediation and requires the

remediation within a certain timeframe?

A.

Audit

B.

Mandatory

C.

Optional

D.

Visibility

Full Access
Question # 33

Which IPS engine detects ARP spoofing?

A.

Atomic ARP Engine

B.

Service Generic Engine

C.

ARP Inspection Engine

D.

AIC Engine

Full Access
Question # 34

Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

A.

Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the

IPsec configuration is copied automatically

B.

The active and standby devices can run different versions of the Cisco IOS software but must be the same

type of device.

C.

The IPsec configuration that is set up on the active device must be duplicated on the standby device

D.

Only the IPsec configuration that is set up on the active device must be duplicated on the standby device;

the IKE configuration is copied automatically.

E.

The active and standby devices must run the same version of the Cisco IOS software and must be the

same type of device

Full Access
Question # 35

What is a language format designed to exchange threat intelligence that can be transported over the TAXII

protocol?

A.

STIX

B.

XMPP

C.

pxGrid

D.

SMTP

Full Access
Question # 36

Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Full Access
Question # 37

A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not being established to hostB. What action is needed to authenticate the VPN?

A.

Change isakmp to ikev2 in the command on hostA.

B.

Enter the command with a different password on hostB.

C.

Enter the same command on hostB.

D.

Change the password on hostA to the default password.

Full Access
Question # 38

Refer to the exhibit.

When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to

utilize an external token authentication mechanism in conjunction with AAA authentication using machine

certificates. Which configuration item must be modified to allow this?

A.

Group Policy

B.

Method

C.

SAML Server

D.

DHCP Servers

Full Access
Question # 39

An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically.

What must be configured to accomplish this?

A.

Configure the Cisco WSA to modify policies based on the traffic seen

B.

Configure the Cisco ESA to receive real-time updates from Talos

C.

Configure the Cisco WSA to receive real-time updates from Talos

D.

Configure the Cisco ESA to modify policies based on the traffic seen

Full Access
Question # 40

An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?

A.

Configure security appliances to send syslogs to Cisco Stealthwatch Cloud

B.

Configure security appliances to send NetFlow to Cisco Stealthwatch Cloud

C.

Deploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud

D.

Deploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud

Full Access
Question # 41

Which information is required when adding a device to Firepower Management Center?

A.

username and password

B.

encryption method

C.

device serial number

D.

registration key

Full Access
Question # 42

Which Cisco platform ensures that machines that connect to organizational networks have the recommended

antivirus definitions and patches to help prevent an organizational malware outbreak?

A.

Cisco WiSM

B.

Cisco ESA

C.

Cisco ISE

D.

Cisco Prime Infrastructure

Full Access
Question # 43

Which type of DNS abuse exchanges data between two computers even when there is no direct connection?

A.

Malware installation

B.

Command-and-control communication

C.

Network footprinting

D.

Data exfiltration

Full Access
Question # 44

Refer to the exhibit.

A network administrator configures command authorization for the admin5 user. What is the admin5 user able to do on HQ_Router after this configuration?

A.

set the IP address of an interface

B.

complete no configurations

C.

complete all configurations

D.

add subinterfaces

Full Access
Question # 45

What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?

A.

trusted automated exchange

B.

Indicators of Compromise

C.

The Exploit Database

D.

threat intelligence

Full Access
Question # 46

An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a

mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?

A.

TCP 6514

B.

UDP 1700

C.

TCP 49

D.

UDP 1812

Full Access
Question # 47

A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis. What must be done to meet this

requirement using the Ubuntu-based VM appliance deployed in a VMware-based hypervisor?

A.

Configure a Cisco FMC to send syslogs to Cisco Stealthwatch Cloud

B.

Deploy the Cisco Stealthwatch Cloud PNM sensor that sends data to Cisco Stealthwatch Cloud

C.

Deploy a Cisco FTD sensor to send network events to Cisco Stealthwatch Cloud

D.

Configure a Cisco FMC to send NetFlow to Cisco Stealthwatch Cloud

Full Access
Question # 48

An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system’s applications. Which

vulnerability allows the attacker to see the passwords being transmitted in clear text?

A.

weak passwords for authentication

B.

unencrypted links for traffic

C.

software bugs on applications

D.

improper file security

Full Access
Question # 49

Refer to the exhibit.

Which command was used to generate this output and to show which ports are

authenticating with dot1x or mab?

A.

show authentication registrations

B.

show authentication method

C.

show dot1x all

D.

show authentication sessions

Full Access
Question # 50

An organization wants to secure users, data, and applications in the cloud. The solution must be API-based and

operate as a cloud-native CASB. Which solution must be used for this implementation?

A.

Cisco Cloudlock

B.

Cisco Cloud Email Security

C.

Cisco Firepower Next-Generation Firewall

D.

Cisco Umbrella

Full Access
Question # 51

What is a difference between an XSS attack and an SQL injection attack?

A.

SQL injection is a hacking method used to attack SQL databases, whereas XSS attacks can exist in many different types of applications

B.

XSS is a hacking method used to attack SQL databases, whereas SQL injection attacks can exist in many different types of applications

C.

SQL injection attacks are used to steal information from databases whereas XSS attacks are used to

redirect users to websites where attackers can steal data from them

D.

XSS attacks are used to steal information from databases whereas SQL injection attacks are used to

redirect users to websites where attackers can steal data from them

Full Access
Question # 52

An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being

accessed via the firewall which requires that the administrator input the bad URL categories that the

organization wants blocked into the access policy. Which solution should be used to meet this requirement?

A.

Cisco ASA because it enables URL filtering and blocks malicious URLs by default, whereas Cisco FTD

does not

B.

Cisco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not

C.

Cisco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not

D.

Cisco FTD because it enables URL filtering and blocks malicious URLs by default, whereas Cisco ASA does not

Full Access
Question # 53

Which attack is preventable by Cisco ESA but not by the Cisco WSA?

A.

buffer overflow

B.

DoS

C.

C. SQL injection

D.

phishing

Full Access