Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 12 of 19.

Question #553
During a recent security audit, a Cisco IOS router with a working IPSEC configuration using IKEv1 was flagged for using a wildcard mask with the crypto isakmp key command. The VPN...
IKEv1 configurationDynamic VPN peersVPN hostname identityCisco IOS DNS client
Question #554
Which command is used to log all events to a destination colector 209.165.201.10?
Cisco ASA loggingNetFlow exportFlow export command
Question #555Visibility and Enforcement
What is the most commonly used protocol for network telemetry?
network telemetryNetFlow protocol
Question #556
What are two functions of IKEv1 but not IKEv2? (Choose two.)
IKEv1IKEv2IPsecAggressive Mode
Question #557
Which threat intelligence standard contains malware hashes?
Threat Intelligence StandardsMalware Hashes
Question #558
A company identified a phishing vulnerability during a pentest. What are two ways the company can protect employees from the attack? (Choose two.)
Phishing protectionCisco UmbrellaCisco Secure Email GatewayEmail security
Question #559
Which Cisco ISE feature helps to detect missing patches and helps with remediation?
Cisco ISEPosture AssessmentPatch Management
Question #560
Refer to the exhibit. What is the result of using this authentication protocol in the configuration?
AAA protocolsRADIUSTACACS+Packet flow
Question #561Secure Network Access, Visibility, and Enforcement
Which feature must be configured before implementing NetFlow on a router?
NetFlowNetwork MonitoringRouter ConfigurationIP Routing Prerequisites
Question #562
Which term describes when the Cisco Secure Firewall downloads threat intelligence updates from Cisco Tables?
Cisco Secure FirewallThreat intelligence updatesThreat intelligence consumption
Question #563Endpoint Protection and Detection
What is a function of Cisco AMP for Endpoints?
Cisco AMP for EndpointsEndpoint SecurityThreat Response Automation
Question #564Secure Network Access, Visibility, and Enforcement
An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE. Which action accomplishes thi...
DHCP RelayCisco ISE ProfilingDHCP Security
Question #565
Which feature requires that network telemetry be enabled?
Network telemetrySyslogLogging
Question #566
Refer to the exhibit. When configuring this access control rule in Cisco FMC, what happens with the traffic destined to the DMZjnside zone once the configuration is deployed?
FMC Access ControlSecurity PolicyDMZ NetworkTraffic Flow
Question #567Secure Cloud Access and Edge
An engineer is trying to decide whether to use Cisco Umbrella, Cisco CloudLock, Cisco Stealthwatch, or Cisco AppDynamics Cloud Monitoring for visibility into data transfers as well...
Cisco CloudLockData Loss PreventionCloud SecurityCASB
Question #568
An engineer needs to detect and quarantine a file named abc123456789.zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malwar...
Cisco AMP EndpointsOutbreak ControlMD5 file detectionMalware quarantine
Question #569Secure Network Access, Visibility, and Enforcement
With regard to RFC 5176 compliance, how many IETF attributes are supported by the RADIUS CoA feature?
RADIUS CoARFC 5176IETF attributes
Question #570Security - Network Access Control and Identity Management (e.g., Cisco CCNA Security / CCNP Security / CompTIA Security+ - AAA and NAC concepts)
Drag and Drop Question Drag and drop the concepts from the left onto the descriptions on the right. Answer:
Network Access ControlNACIdentity ServicesCisco ISE
Question #571Network Security
For a given policy in Cisco Umbrella, how should a customer block website based on a custom list?
Cisco Umbrellawebsite blockingdestination listssecurity policy
Question #572Network Security
On their laptops around to simplify administration. Which switch port MAC address security setting must be used?
Port securityMAC address securitySwitch configuration
Question #573Network Security
Which Cisco Firewall solution requires zone definition?
Cisco ZBFWZone definition
Question #574Endpoint Security and Visibility
A company recently discovered an attack propagating throughout their Windows network via a file named abc428565580xyz exe. The malicious file was uploaded to a Simple Custom Detect...
Cisco AMP for EndpointsCustom detectionsApplication controlMalware detection
Question #575Network Access Control
Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two)
Cisco ISETrustSecChange of AuthorizationRADIUS Dynamic Authorization
Question #576
An engineer is configuring Cisco WSA and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal?
Cisco WSATransparent proxyWCCP
Question #577
Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?
AAARADIUS protocolCoA requestSession management
Question #578
An engineer needs to configure a Cisco Secure Email Gateway (SEG) to prompt users to enter multiple forms of identification before gaining access to the SEG. The SEG must also join...
Two-factor authenticationRADIUS authenticationSEG clusteringPreshared key
Question #579
An engineer recently completed the system setup on a Cisco WSA. Which URL information does the system send to SensorBase Network servers?
Cisco WSASensorBaseURL reporting
Question #580
Why should organizations migrate to a multifactor authentication strategy?
Multifactor AuthenticationAuthentication StrategySecurity Best Practices
Question #581
What is the function of the crypto isakmp key cisc406143794 address 0.0.0.0 0.0.0.0 command when establishing an IPsec VPN tunnel?
IPsec VPNIKE pre-shared keyCisco CLI
Question #582Network Security
Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages...
Dynamic ARP InspectionARP spoofingMan-in-the-MiddleLayer 2 security
Question #583Network Security
An administrator is testing new configuration on a network device. The network device had a previously established association with the NTP server but is no longer processing time...
NTPNTP authenticationTime synchronizationNetwork troubleshooting
Question #584
What does Cisco ISE use to collect endpoint attributes that are used in profiling?
Cisco ISEEndpoint profilingAttribute collectionProbes
Question #585None
Which two Cisco ISE components enforce security policies on noncompliant endpoints by blocking network access? (Choose two.)
Cisco ISEEndpoint CompliancePosture AgentsEndpoint Profiling
Question #586Threat Visibility and Enforcement
Which Cisco security solution gives the most complete view of the relationships and evolution of Internet domains, IPs, and files, and helps to pinpoint attackers' infrastructures...
Cisco UmbrellaThreat intelligenceDomain reputationIP reputation
Question #587Security Monitoring
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)
Cisco ASA flow-exportNetFlow configuration
Question #588
What are two benefits of using an MDM solution? (Choose two.)
Mobile Device ManagementMDM benefits
Question #589
Which VPN provides scalability for organizations with many remote sites?
DMVPNVPN scalabilityVPN types
Question #590Cloud Security
Which Cisco security solution secures public, private, hybrid, and community clouds?
Cisco CloudlockCloud securityCASB
Question #591
What is the target in a phishing attack?
phishingsocial engineeringendpoint security
Question #592Endpoint Security and Visibility
A university policy must allow open access to resources on the Internet for research, but internal workstations are exposed to malware. Which Cisco AMP feature allows the engineeri...
Cisco AMPFile PrevalenceEndpoint SecurityMalware Tracking
Question #593
Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files?
AMP for EndpointsCustom DetectionsMD5 Signature DetectionEndpoint Quarantine
Question #594Infrastructure - Configure and verify network monitoring using NetFlow and CEF on Cisco IOS devices (CCNP ENCOR / CCNA Infrastructure Management)
Drag and Drop Question A network engineer is configuring NetFlow top talkers on a Cisco router. Drag and drop the steps in the process from the left into the sequence on the right....
NetFlowCisco Express ForwardingNetwork MonitoringIOS Configuration
Question #595Network Security
Refer to the exhibit. Which command results in these messages when attempting to troubleshoot an IPsec VPN connection?
IPsec VPNISAKMPTroubleshootingCisco IOS Commands
Question #596Endpoint Protection and Detection
Which technology provides a combination of endpoint protection, endpoint detection, and response?
Endpoint ProtectionEDRCisco AMP
Question #597
Which industry standard is used to integrate Cisco ISE and Cisco pxGrid to each other and with other interoperable security platforms?
Cisco ISECisco pxGridSecurity integration standards
Question #598Host-Based Analysis
What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?
Cisco AMPCisco UmbrellaEndpoint ProtectionDNS Filtering
Question #599
An organization is moving toward the zero-trust model. Which Cisco solution enables administrators to deploy and control microsegmentation of endpoints that are connected to a Cisc...
Cisco ACIMicrosegmentationZero Trust ArchitectureVirtual Networking
Question #600Endpoint Security and Visibility
An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing a file named abc123456789.exe without...
Cisco AMP EndpointsOutbreak ControlFile blockingSHA-256 policies
Question #601
An organization is using DNS services for their network and want to help improve the security of the DNS infrastructure. Which action accomplishes this task?
DNSSECCisco UmbrellaDNS security
Question #602
Which Cisco security solution provides patch management in the cloud?
Cisco Secure Workloadpatch managementworkload securitycloud security

PreviousPage 12 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.