Download Implementing and Operating Cisco Security Core Technologies.350-701.ExamTopics.2025-08-07.643q.tqb
| Vendor: | Cisco |
| Exam Code: | 350-701 |
| Exam Name: | Implementing and Operating Cisco Security Core Technologies |
| Date: | Aug 07, 2025 |
| File Size: | 11 MB |
How to open TQB files?
Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.
Purchase
Coupon: TAURUSSIM_20OFF
Discount: 20%
Demo Questions
Question 1
Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access?
- Cisco Container Controller
- Cisco Cloud Platform
- Cisco Container Platform
- Cisco Content Platform
Correct answer: C
Explanation:
C: 7 - Mosted C: 7 - Mosted
Question 2
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two.)
- It provides spoke-to-spoke communications without traversing the hub.
- It enables VPN access for individual users from their machines.
- It allows multiple sites to connect to the data center.
- It allows different routing protocols to work over the tunnel.
- It allows customization of access policies based on user identity.
Correct answer: BE
Explanation:
BE: 1 - MostedCisco Anyconnect is a Remote access VPN client based solution where users can install the client on their machines and can connect to the respective VPN devices (ASA/FTD/Router). In order to secure connectivity for Anyconnect Users, one can also create custom access policies to ensure proper conditions are met before access is granted to the VPN user. BE: 1 - Mosted
Cisco Anyconnect is a Remote access VPN client based solution where users can install the client on their machines and can connect to the respective VPN devices (ASA/FTD/Router). In order to secure connectivity for Anyconnect Users, one can also create custom access policies to ensure proper conditions are met before access is granted to the VPN user.
Question 3
An engineer needs to configure a Cisco Secure Email Gateway (SEG) to prompt users to enter multiple forms of identification before gaining access to the SEG.
The SEG must also join a cluster using the preshared key of cisc421555367. What steps must be taken to support this?
- Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG GUI.
- Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG CLI.
- Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG CLI
- Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG GUI.
Correct answer: C
Explanation:
C: 3 - Mosted C: 3 - Mosted
Question 4
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
- an infection spreading across the LDAP or Active Directory domain from a user account
- a malware spreading across the user device
- an infection spreading across the network
- a malware spreading across the LDAP or Active Directory domain from a user account
Correct answer: C
Explanation:
B: 7C: 16 - Mosted B: 7C: 16 - Mosted
Question 5
What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?
- threat intelligence
- Indicators of Compromise
- trusted automated exchange
- The Exploit Database
Correct answer: A
Explanation:
A: 7 - Mosted A: 7 - Mosted
Question 6
What is the difference between a vulnerability and an exploit?
- A vulnerability is a weakness that can be exploited by an attacker.
- A vulnerability is a hypothetical event for an attacker to exploit.
- An exploit is a hypothetical event that causes a vulnerability in the network.
- An exploit is a weakness that can cause a vulnerability in the network.
Correct answer: A
Explanation:
A: 9 - Mosted A: 9 - Mosted
Question 7
Which parameter is required when configuring a NetFlow exporter on a Cisco router?
- exporter name
- exporter description
- source interface
- DSCP value
Correct answer: A
Explanation:
A: 5 - MostedC: 1 A: 5 - MostedC: 1
Question 8
What is a description of microsegmentation?
- Environments deploy a container orchestration platform, such as Kubernetes, to manage the application delivery.
- Environments apply a zero-trust model and specify how applications on different servers or containers can communicate.
- Environments deploy centrally managed host-based firewall rules on each server or container.
- Environments implement private VLAN segmentation to group servers with similar applications.
Correct answer: B
Explanation:
B: 5 - MostedC: 2 B: 5 - MostedC: 2
Question 9
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps. Which two actions must be taken to ensure that interfaces are put back into service? (Choose two.)
- Enable the snmp-server enable traps command and wait 300 seconds.
- Use EEM to have the ports return to service automatically in less than 300 seconds
- Ensure that interfaces are configured with the error-disable detection and recovery feature.
- Have Cisco Prime Infrastructure issue an SNMP set command to re-enable the ports after the preconfigured interval.
- Enter the shutdown and no shutdown commands on the interfaces.
Correct answer: CE
Explanation:
CE: 2 - Mosted CE: 2 - Mosted
Question 10
Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two.)
- posture assessment
- aaa authorization exec default local
- tacacs-server host 10.1.1.250 key password
- aaa server radius dynamic-author
- CoA
Correct answer: DE
Explanation:
AC: 3AE: 5DE: 9 - Mosted AC: 3AE: 5DE: 9 - Mosted
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
HOW TO OPEN VCEX FILES
Use ProfExam Simulator to open VCEX files
ProfExam at a 20% markdown
You have the opportunity to purchase ProfExam at a 20% reduced price
Get Now!