350-701 Exam Questions
916 real 350-701 exam questions with expert-verified answers and explanations. Page 1 of 19.
- Question #1
What are two list types within Cisco AMP for Endpoints Outbreak Control? (Choose two.)
Cisco AMP for EndpointsOutbreak ControlAMP list typesEndpoint security - Question #2Secure Network Access, Visibility and Enforcement
Which command enables 802.1X globally on a Cisco switch?
802.1XSwitch configurationNetwork access controlCisco IOS commands - Question #3
What is the function of Cisco Cloudlock for data security?
Cisco CloudlockDLP - Question #4Secure Network Access, Visibility, and Enforcement
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)
Cisco ISEPosture AssessmentEndpoint ComplianceWindows Security - Question #5Network Security
What is a characteristic of Dynamic ARP Inspection?
Dynamic ARP InspectionARP Security - Question #6
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment?
Cisco AMPEndpoint SecurityMalware Protection - Question #7
Where are individual sites specified to be blacklisted in Cisco Umbrella?
Cisco Umbrellasite blacklistingdestination lists - Question #8
Which statement about IOS zone-based firewalls is true?
Cisco IOSZone-Based FirewallZBF interface assignment - Question #9Automation
Which two activities can be done using Cisco DNA Center? (Choose two.)
Cisco DNA CenterNetwork DesignNetwork Provisioning - Question #10
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?
Cisco ISEIdentity StoreRSA SecureIDShadow User - Question #11
Which VPN technology can support a multivendor environment and secure traffic between sites?
FlexVPNMultivendor VPNSite-to-site VPN - Question #12
Which SNMPv3 configuration must be used to support the strongest security possible?
SNMPv3SNMP securityNetwork monitoring configurationAuthentication and Privacy - Question #13Secure Network Access, Visibility, and Enforcement
Which solution combines Cisco IOS and IOS XE components to enable administrators to recognize applications, collect and send network metrics to Cisco Prime and other third-party ma...
Cisco Application Visibility and ControlApplication recognitionNetwork telemetryTraffic prioritization - Question #14Endpoint Protection and Detection
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two.)
Phishing preventionSocial engineering preventionEmail security filtersAntimalware protection - Question #15
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware...
Cisco ISEEndpoint PosturePatch ManagementVulnerability Remediation - Question #16Content Security
Why would a user choose an on-premises ESA versus the CES solution?
Email SecurityOn-premises deploymentCloud servicesDeployment models - Question #17
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?
GET VPNEnterprise VPNVPN scalabilityAny-to-any VPN - Question #18
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?
Cloud service modelsPaaS - Question #19
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
Cisco UmbrellaSecure Internet GatewayMalware scanningIntelligent Proxy - Question #20
Which two features are used to configure Cisco Secure Email Gateway with a multilayer approach to fight viruses and malware? (Choose two.)
Cisco Secure Email GatewayEmail SecurityAnti-MalwareOutbreak Filters - Question #21Cloud Security
How is Cisco Umbrella configured to log only security events?
Cisco Umbrellaevent loggingsecurity eventspolicy configuration - Question #22Endpoint Protection and Detection
What is the primary difference between an Endpoint Protection Platform and an Endpoint Detection and Response?
EPPEDREndpoint SecurityThreat Prevention - Question #23Security Concepts
On which part of the IT environment does DevSecOps focus?
DevSecOpsApplication securitySDLC - Question #24Network Security
Which functions of an SDN architecture require southbound APIs to enable communication?
SDN architectureSouthbound APIs - Question #25
What is a characteristic of traffic storm control behavior?
traffic storm controlbroadcast storm prevention - Question #26Network Security
Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.)
REST API methodsCisco ASAHTTP methods - Question #27
In a PaaS model, which layer is the tenant responsible for maintaining and patching?
PaaSShared responsibility modelCloud service models - Question #28Endpoint Protection and Detection
An engineer is configuring AMP for endpoints and wants to block certain files from executing. Which outbreak control method is used to accomplish this task?
Cisco AMPApplication BlockingOutbreak ControlEndpoint Security - Question #29
Which ASA deployment mode can provide separation of management on a shared appliance?
Cisco ASAASA deployment modesMultiple Context Mode - Question #30
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two.)
Cisco FTDvAWS deploymentDeployment modelsFMC management - Question #31Network Security
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threat...
Cisco Threat Intelligence DirectorThreat IntelligenceExternal FeedsSecurity Automation - Question #32
What provides visibility and awareness into what is currently occurring on the network?
Network TelemetryNetwork Visibility - Question #33Security Concepts
Which attack is commonly associated with C and C++ programming languages?
Buffer OverflowC++ VulnerabilitiesApplication Security - Question #34Secure Network Access, Visibility, and Enforcement
An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type ach...
Cisco ISEChange of Authorization (CoA)CoA ReauthNetwork Access Control - Question #35
Refer to the exhibit. Which command was used to display this output?
dot1xCisco CLIAuthentication - Question #36
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)
SQL injectionInput validationPrepared statementsParameterized queries - Question #37
How does Cisco Stealthwatch Cloud provide security for cloud environments?
Cisco Stealthwatch CloudCloud SecurityThreat DetectionNetwork Visibility - Question #38Network Security
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two.)
Firepower NGIPSApplication Layer PreprocessorsSIP InspectionSSL Inspection - Question #39
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?
Cisco FirepowerFMC device settingstime synchronization - Question #40
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?
SDN architecturenorthbound APIs - Question #41
Refer to the exhibit. What is a result of the configuration?
Cisco firewall configurationNetwork security zonesTraffic redirectionAccess control lists (ACLs) - Question #42
Which information is required when adding a device to Firepower Management Center?
Firepower Management CenterFMC device registration - Question #43
Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.)
Hybrid emailOn-premises securityEmail DLPEmail encryption - Question #44
What is a characteristic of Cisco ASA NetFlow v9 Secure Event Logging?
Cisco ASANetFlow v9Secure Event Logging - Question #45Content Security
Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?
Cisco UmbrellaSSL DecryptionHTTPS Inspection - Question #46Identity and Access Management
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
MFAphishing attacksbrute force attacks - Question #47
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?
Cisco AMP for EndpointsEndpoint SecurityFile Visibility - Question #48
Which RADIUS attribute can you use to filter MAB requests in an 802.1x deployment?
RADIUS attributes802.1x MAB - Question #49
Which two features of Cisco Email Security can protect your organization against email threats?(choose two)
Cisco Email SecurityEmail DLPGeolocation filteringHeuristic filtering - Question #50Infrastructure Monitoring and Agent Configuration - specifically deploying and configuring AppDynamics monitoring extensions for cloud infrastructure (AWS EC2) using Machine Agents or SIM Agents.
Drag and Drop Question Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services. Answer:
AppDynamics Machine AgentAWS EC2 MonitoringMonitoring ExtensionsAppDynamics Configuration