Download Implementing and Operating Cisco Security Core Technologies.PassLeader.350-701.2022-06-05.1e.249q.vcex

Download Exam

File Info

Exam Implementing and Operating Cisco Security Core Technologies
Number 350-701
File Name Implementing and Operating Cisco Security Core Technologies.PassLeader.350-701.2022-06-05.1e.249q.vcex
Size 11.58 Mb
Posted June 05, 2022
Downloads 12

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator
 
 


Demo Questions

Question 1
What are two list types within AMP for Endpoints Outbreak Control? (Choose two.)

  • A: blocked ports
  • B: simple custom detections
  • C: command and control
  • D: allowed applications
  • E: URL
Correct Answer: BD
     



Question 2
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)

  • A: computer identity
  • B: Windows service
  • C: user identity
  • D: Windows firewall
  • E: default browser
Correct Answer: BD
     



Question 3
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment?

  • A: NGFW
  • B: AMP
  • C: WSA
  • D: ESA
Correct Answer: B
     

     



Question 4
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?

  • A: RSA SecureID
  • B: Internal Database
  • C: Active Directory
  • D: LDAP
Correct Answer: C
     



Question 5
Which VPN technology can support a multivendor environment and secure traffic between sites?

  • A: SSL VPN
  • B: GET VPN
  • C: FlexVPN
  • D: DMVPN
Correct Answer: C
     



Question 6
Which SNMPv3 configuration must be used to support the strongest security possible?

  • A: asa-host(config)#snmp-server group myv3 v3 privasa-host(config)#snmp-server user andy myv3 auth sha cisco priv des ciscXXXXXXXX
    asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • B: asa-host(config)#snmp-server group myv3 v3 noauthasa-host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX
    asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • C: asa-host(config)#snmp-server group myv3 v3 noauthasa-host(config)#snmp-server user andy myv3 auth sha cisco priv 3des ciscXXXXXXXX
    asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
  • D: asa-host(config)#snmp-server group myv3 v3 privasa-host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX
    asa-host(config)#snmp-server host inside 10.255.254.1 version 3 andy
Correct Answer: D
AES allows you to choose a 128-bit, 192-bit or 256-bit key, making it exponentially stronger than the 56-bit key of DES.

     

     



Question 7
Which solution combines Cisco IOS and IOS XE components to enable administrators to recognize applications, collect and send network metrics to Cisco Prime and other third-party management tools, and prioritize application traffic?

  • A: Cisco Security Intelligence
  • B: Cisco Application Visibility and Control
  • C: Cisco Model Driven Telemetry
  • D: Cisco DNA Center
Correct Answer: B
     



Question 8
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two.)

  • A: Patch for cross-site scripting.
  • B: Perform backups to the private cloud.
  • C: Protect against input validation and character escapes in the endpoint.
  • D: Install a spam and virus email filter.
  • E: Protect systems with an up-to-date antimalware program.
Correct Answer: DE
     



Question 9
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the
MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware.
Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

  • A: Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch beforeallowing access on the network.
  • B: Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level beforeallowing access on the network.
  • C: Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch levelis met before allowing access on the network.
  • D: Configure endpoint firewall policies to stop the exploit traffic from being allowed to run andreplicate throughout the network.
  • E: Set up a well-defined endpoint patching strategy to ensure that endpoints have criticalvulnerabilities patched in a timely fashion.
Correct Answer: AC
     



Question 10
Why would a user choose an on-premises ESA versus the CES solution?

  • A: Sensitive data must remain onsite.
  • B: Demand is unpredictable.
  • C: The server team wants to outsource this service.
  • D: ESA is deployed inline.
Correct Answer: A
     






CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset