100% Pass Guaranteed Accurate 350-701 Answers 365 Days Free Updates [Q118-Q143]


350-701 DUMPS Q&As with Explanations Verified & Correct Answers

NEW QUESTION # 118
What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)

  • A. time factor
  • B. biometric factor
  • C. knowledge factor
  • D. confidentiality factor
  • E. encryption factor

Answer: B,C


NEW QUESTION # 119
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System?

  • A. control
  • B. URL filtering
  • C. malware
  • D. protect

Answer: D


NEW QUESTION # 120
Which two functions does the Cisco Advanced Phishing Protection solution perform in trying to protect from phishing attacks? (Choose two.)

  • A. determines if the email messages are malicious
  • B. does a real-time user web browsing behavior analysis
  • C. uses a static algorithm to determine malicious
  • D. blocks malicious websites and adds them to a block list
  • E. provides a defense for on-premises email deployments

Answer: A,B

Explanation:
Cisco Advanced Phishing Protection (AAP) is a solution that helps organizations protect against fraudulent senders and identity deception-based attacks, such as business email compromise (BEC) and spear phishing. AAP uses advanced machine learning techniques, real-time behavior analytics, relationship modeling, and telemetry to perform two main functions [1][2]:
* It determines if the email messages are malicious by assessing the threat posture of the sender and the content of the message. It also validates the reputation and authenticity of the sender by checking various indicators, such as the domain, the IP address, the SPF, DKIM, and DMARC records, the display name, the reply-to address, and the header information. AAP assigns a risk score to each email message and provides a verdict of clean, malicious, or suspicious. It also adds a banner to the email message to inform the recipient of the risk level and the recommended action.
* It does a real-time user web browsing behavior analysis by monitoring the user's interaction with the email message and the links embedded in it. It tracks the user's clicks, mouse movements, dwell time, and other indicators to detect any signs of hesitation, confusion, or curiosity. It also analyzes the destination URL of the links and compares it with the known malicious websites. If AAP detects any anomalous or risky behavior, it intervenes with a warning message or a redirect page to educate the user and prevent them from falling victim to the phishing attack.

References:
* 1: Cisco's Security Innovations to Protect the Endpoint and Email
* 2: Cisco Advanced Phishing Protection - Cisco Video Portal


NEW QUESTION # 121
Which API method and required attribute are used to add a device into Cisco DNA Center with the native API?

  • A. POST and name
  • B. lastSyncTime and pid
  • C. userSudiSerialNos and deviceInfo
  • D. GET and serialNumber

Answer: D


NEW QUESTION # 122
Drag and drop the threats from the left onto examples of that threat on the right

Answer:

Explanation:


NEW QUESTION # 123
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used. However, the connection is failing. Which action should be taken to accomplish this goal?

  • A. Disable telnet using the no ip telnet command.
  • B. Enable the SSH server using the ip ssh server command.
  • C. Generate the RSA key using the crypto key generate rsa command.
  • D. Configure the port using the ip ssh port 22 command.

Answer: C

Explanation:
In this question, the engineer was trying to secure the connection, so maybe he was trying to allow SSH to the device. But maybe something went wrong so the connection was failing (the connection used to be good). So maybe he was missing the "crypto key generate rsa" command.


NEW QUESTION # 124
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.

Answer:

Explanation:

The Firepower System uses network discovery and identity policies to collect host, application, and user data for traffic on your network. You can use certain types of discovery and identity data to build a comprehensive map of your network assets, perform forensic analysis, behavioral profiling, access control, and mitigate and respond to the vulnerabilities and exploits to which your organization is susceptible.

The Cisco Advanced Malware Protection (AMP) solution enables you to detect and block malware, continuously analyze for malware, and get retrospective alerts. AMP for Networks delivers network-based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum - before, during, and after an attack. Designed for Cisco Firepower network threat appliances, AMP for Networks detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.


NEW QUESTION # 125
What is a benefit of using Cisco FMC over Cisco ASDM?

  • A. Cisco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA devices
  • B. Cisco FMC provides centralized management while Cisco ASDM does not.
  • C. Cisco FMC supports pushing configurations to devices while Cisco ASDM does not.
  • D. Cisco FMC uses Java while Cisco ASDM uses HTML5.

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html


NEW QUESTION # 126
What is provided by the Secure Hash Algorithm in a VPN?

  • A. authentication
  • B. encryption
  • C. integrity
  • D. key exchange

Answer: C

Explanation:
The HMAC-SHA-1-96 (also known as HMAC-SHA-1) encryption technique is used by IPSec to ensure that a message has not been altered. (-> Therefore answer "integrity" is the best choice). HMAC-SHA-1 uses the SHA-1 specified in FIPS-190-1, combined with HMAC (as per RFC 2104), and is described in RFC 2404.
Reference: https://www.ciscopress.com/articles/article.asp?p=24833&seqNum=4


NEW QUESTION # 127
An administrator configures a Cisco WSA to receive redirected traffic over ports 80 and 443. The organization requires that a network device with specific WSA integration capabilities be configured to send the traffic to the WSA to proxy the requests and increase visibility, while making this invisible to the users. What must be done on the Cisco WSA to support these requirements?

  • A. Configure active traffic redirection using WPAD in the Cisco WSA and on the network device
  • B. Use the Layer 4 setting in the Cisco WSA to receive explicit forward requests from the network device
  • C. Configure transparent traffic redirection using WCCP in the Cisco WSA and on the network device
  • D. Use PAC keys to allow only the required network devices to send the traffic to the Cisco WSA

Answer: C


NEW QUESTION # 128
For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (Choose two)

  • A. SDP
  • B. subordinate CA
  • C. LDAP
  • D. HTTP
  • E. SCP

Answer: C,D

Explanation:
Cisco IOS public key infrastructure (PKI) provides certificate management to support security protocols such as IP Security (IPSec), secure shell (SSH), and secure socket layer (SSL). This module identifies and describes concepts that are needed to understand, plan for, and implement a PKI.
A PKI is composed of the following entities: ...
- A distribution mechanism (such as Lightweight Directory Access Protocol [LDAP] or HTTP) for certificate revocation lists (CRLs)


NEW QUESTION # 129
Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?

  • A. northbound API
  • B. southbound API
  • C. westbound API
  • D. eastbound API

Answer: B


NEW QUESTION # 130
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  • A. user deployment of Layer 3 networks
  • B. clustering
  • C. IPv6
  • D. multiple context mode

Answer: A

Explanation:
The ASAv on AWS supports the following features:
+ Support for Amazon EC2 C5 instances, the next generation of the Amazon EC2 Compute Optimized instance family.
+ Deployment in the Virtual Private Cloud (VPC)
+ Enhanced networking (SR-IOV) where available
+ Deployment from Amazon Marketplace
+ Maximum of four vCPUs per instance
+ User deployment of L3 networks
+ Routed mode (default)
Note: The Cisco Adaptive Security Virtual Appliance (ASAv) runs the same software as physical Cisco ASAs to deliver proven security functionality in a virtual form factor. The ASAv can be deployed in the public AWS cloud. It can then be configured to protect virtual and physical data center workloads that expand, contract, or shift their location over time.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96 qsg/asavaws.html


NEW QUESTION # 131
Which command enables 802.1X globally on a Cisco switch?

  • A. dot1x system-auth-control
  • B. aaa new-model
  • C. dot1x pae authenticator
  • D. authentication port-control aut

Answer: A


NEW QUESTION # 132
Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?

  • A. DynDNS
  • B. Talos
  • C. AnyConnect
  • D. AMP

Answer: B

Explanation:
When Umbrella receives a DNS request, it uses intelligence to determine if the request is safe, malicious or risky - meaning the domain contains both malicious and legitimate content. Safe and malicious requests are routed as usual or blocked, respectively. Risky requests are routed to our cloud-based proxy for deeper inspection. The Umbrella proxy uses Cisco Talos web reputation and other third-party feeds to determine if a URL is malicious.


NEW QUESTION # 133
Which security solution protects users leveraging DNS-layer security?

  • A. Cisco ASA
  • B. Cisco FTD
  • C. Cisco Umbrella
  • D. Cisco ISE

Answer: C

Explanation:
DNS-layer security is a method of protecting users from cyberthreats by blocking malicious or risky domains before a connection is established. Cisco Umbrella is a cloud-based service that provides DNS-layer security by using Cisco Talos threat intelligence to filter DNS requests and prevent access to malicious domains. Cisco Umbrella also offers other security features, such as web filtering, cloud-delivered firewall, secure web gateway, and cloud access security broker. Cisco Umbrella can protect users on and off the corporate network, regardless of their location or device. Cisco Umbrella is compatible with other Cisco security solutions, such as Cisco ISE, Cisco FTD, and Cisco ASA, but it is the only one that offers DNS-layer security as a core capability. References:
* What Is DNS Security? How Does It Work? - Cisco Umbrella
* Why Umbrella DNS Security? - Cisco Umbrella


NEW QUESTION # 134
What are two features of NetFlow flow monitoring? (Choose two)

  • A. Can be used to track multicast, MPLS, or bridged traffic
  • B. Include the flow record and the flow importer
  • C. Copies all ingress flow information to an interface
  • D. Does not require packet sampling on interfaces
  • E. Can track ingress and egress information

Answer: A,E

Explanation:
The following are restrictions for Flexible NetFlow:
+ Traditional NetFlow (TNF) accounting is not supported.
+ Flexible NetFlow v5 export format is not supported, only NetFlow v9 export format is supported.
+ Both ingress and egress NetFlow accounting is supported.
+ Microflow policing feature shares the NetFlow hardware resource with FNF.
+ Only one flow monitor per interface and per direction is supported.
Reference: https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/b_consolidated_3850_3se_cg_chapter_011010.html

When configuring NetFlow, follow these guidelines and restrictions:
+ Except in PFC3A mode, NetFlow supports bridged IP traffic. PFC3A mode does not support NetFlow bridged IP traffic.
+ NetFlow supports multicast IP traffic.
Reference: https://www.cisco.com/en/US/docs/general/Test/dwerblo/broken_guide/netflow.html

The Flexible NetFlow - MPLS Egress NetFlow feature allows you to capture IP flow information for packets that arrive on a router as Multiprotocol Label Switching (MPLS) packets and are transmitted as IP packets. This feature allows you to capture the MPLS VPN IP flows that are traveling through the service provider backbone from one site of a VPN to another site of the same VPN.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/cfgmpls-netflow.html


NEW QUESTION # 135
What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?

  • A. Secure NetFlow connections are optimized for Cisco Prime Infrastructure
  • B. Flow-create events are delayed.
  • C. Multiple NetFlow collectors are supported.
  • D. Advanced NetFlow v9 templates and legacy v5 formatting are supported.

Answer: B


NEW QUESTION # 136
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?

  • A. The ESA immediately makes another attempt to upload the file.
  • B. The file is queued for upload when connectivity is restored.
  • C. The file upload is abandoned.
  • D. AMP calculates the SHA-256 fingerprint, caches it, and periodically attempts the upload.

Answer: D

Explanation:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118796-technote-esa-00.html


NEW QUESTION # 137
An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

  • A. Storm Control
  • B. Bridge Protocol Data Unit guard
  • C. access control lists
  • D. embedded event monitoring

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-e1.html


NEW QUESTION # 138
Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?

  • A. aaa new-model
  • B. auth-type all
  • C. ip device-tracking
  • D. aaa server radius dynamic-author

Answer: C


NEW QUESTION # 139
A company discovered an attack propagating through their network via a file. A custom file policy was created in order to track this in the future and ensure no other endpoints execute the infected file. In addition, it was discovered during testing that the scans are not detecting the file as an indicator of compromise. What must be done in order to ensure that the created policy is functioning as it should?

  • A. Block the application that the file was using to open
  • B. Send the file to Cisco Threat Grid for dynamic analysis
  • C. Upload the hash for the file into the policy
  • D. Create an IP block list for the website from which the file was downloaded

Answer: B

Explanation:
the file to Cisco Threat Grid for dynamic analysis. Cisco Threat Grid is a cloud-based service that provides malware analysis and threat intelligence. It can analyze suspicious files and URLs, and provide detailed reports on the behavior, indicators, and severity of the threat [1]. By sending the file to Cisco Threat Grid, the custom file policy can leverage the dynamic analysis results to detect the file as an indicator of compromise, and prevent other endpoints from executing the infected file. The other options are not correct because they do not address the root cause of the problem, which is the lack of detection by the custom file policy. Creating an IP block list, blocking the application, or uploading the hash for the file may help to mitigate the attack, but they do not ensure that the custom file policy is functioning as it should.

References:
* 2: Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 - Module 5: Endpoint Protection and Detection
* 3: Cisco AMP for Endpoints User Guide - Custom Detection Lists
* 4: Cisco AMP for Endpoints User Guide - File Analysis and Cisco Threat Grid
* 1: Cisco Threat Grid - Overview


NEW QUESTION # 140
In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

  • A. when there is no need to have the solution centrally managed
  • B. when there is a need to have more advanced detection capabilities
  • C. when there is a need for traditional anti-malware detection
  • D. when there is no firewall on the network

Answer: C


NEW QUESTION # 141
Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?

  • A. transparent
  • B. redirection
  • C. forward
  • D. proxy gateway

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2013/CVDWebSecurityUsingCiscoWSADesign


NEW QUESTION # 142
Which two capabilities does an MDM provide? (Choose two.)

  • A. manual identification and classification of client devices
  • B. enforcement of device security policies from a centralized dashboard
  • C. unified management of Android and Apple devices from a centralized dashboard
  • D. unified management of mobile devices, Macs, and PCs from a centralized dashboard
  • E. delivery of network malware reports to an inbox on a schedule

Answer: B,D

