Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 13 of 19.

Question #603Content Security
Which Cisco security solution stops exfiltration using HTTPS?
HTTPS exfiltrationthreat detectionSSL/TLS inspectiondata loss prevention
Question #604Network Security
An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Ci...
NTP configurationNTP authenticationNTP server preferenceCisco IOS CLI
Question #605
Which solution is more secure than the traditional use of a username and password and encompasses at least two of the methods of authentication?
Multifactor AuthenticationAuthentication Methods
Question #606Secure Network Access
Which feature is used in a push model to allow for session identification host reauthentication and session termination?
AAARADIUSCoA requestNetwork Access Control
Question #607Content Security
An engineer is configuring Cisco WSA and needs to ensure end clients are protected against DNS spoofing attacks. Which deployment method accomplishes this goal?
Cisco WSAWSA deployment modesDNS spoofing protectionExplicit proxy
Question #608
Which Cisco network security device supports contextual awareness?
Cisco FirepowerContextual awareness
Question #609
An engineer must set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration. Which switch port MAC address secur...
Switch port securitySticky MAC
Question #610
Which type of encryption uses a public key and a private key?
Asymmetric encryptionPublic key cryptographyEncryption fundamentals
Question #611
Which firewall deployment mode allows inspection of traffic between servers in the same IP subnet?
Transparent firewallFirewall deployment modesLayer 2 inspection
Question #612
What are two functionalities of SDN southbound APIs? (Choose two.)
SDN architectureSouthbound APIsOpenFlow
Question #613Secure Network Access, Visibility, and Enforcement
When MAB is configured for use within the 802.1X environment, an administrator must create a policy that allows the devices onto the network. Which information is used for the user...
MAB802.1XNetwork Access ControlAuthentication
Question #614
Which two VPN tunneling protocols support the use of IPsec to provide data integrity, authentication, and data encryption? (Choose two.)
VPN tunnelingIPsecGREL2TP
Question #615
Which Cisco Umbrella package supports selective proxy for inspection of traffic from risky domains?
Cisco UmbrellaUmbrella packagesSelective proxyDNS Security
Question #616
What are the two distribution methods available to an administrator when performing a fresh rollout of the Cisco AnyConnect Secure Mobility Client? (Choose two.)
Cisco AnyConnectClient deploymentAnyConnect distribution
Question #617
An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets...
Cisco AMPEndpoint securityApplication control
Question #618
A security audit recently revealed that an administrator is using the same password of C1$c0448845217 for his personal account across multiple systems. What must be implemented by...
Security awareness trainingPassword securityHuman factors security
Question #619
When a site-to-site VPN is configured in Cisco FMC, which topology is supported when crypto ACLs are used instead of protected networks to define interesting traffic?
Cisco FMCSite-to-site VPNCrypto ACLsVPN topology
Question #620
Which solution operates as a cloud-native CASB?
CASBCisco CloudLockCloud Security
Question #621
Which entity is responsible for encrypting data in transit using an IaaS model versus a SaaS model?
Shared responsibility modelIaaSSaaSData in transit encryption
Question #622
Which two aspects of the IaaS cloud service model are managed by the service provider? (Choose two.)
IaaS responsibilitiesCloud service modelsPhysical network managementHypervisor management
Question #623
Which solution provides end-to-end visibility of applications and insights about application performance?
Application Performance MonitoringCisco AppDynamics
Question #624Secure Network Access, Visibility, and Enforcement
Drag and Drop Question Refer to the exhibit. An engineer must configure a Cisco switch to perform PPP authentication via a TACACS server located at IP address 10.1.1.10. Authentica...
AAATACACS+Secure Network AccessNetwork Device Configuration
Question #625
An administrator needs to be able to have a router securely communicate with a network management system. The connections must be authenticated but not encrypted. While meeting the...
SNMPv3Router configurationSNMP authenticationNetwork Management System
Question #626Network Security
Refer to the exhibit. An engineer must enable secure SSH protocols and enters this configuration. What are two results of running this set of commands on a Cisco router? (Choose tw...
Cisco SSH configRSA key generationKey labelingRouter security
Question #627
Which algorithm does ISAKMP use to securely derive encryption and integrity keys?
ISAKMPKey ExchangeDiffie-Hellman
Question #628
Which two activities are performed using Cisco DNA Center? (Choose two.)
Cisco DNA CenterNetwork DesignNetwork Provisioning
Question #629
A network administrator is setting up a site-to-site VPN from a Cisco FTD to a cloud environment. After the administrator configures the VPN on both sides, they still cannot reach...
Cisco FTD VPNSite-to-site VPNVPN troubleshootingIPSec SA
Question #630Implement Web Security
Which two tasks are required when a decryption policy is implemented on a Cisco WSA? (Choose two.)
Cisco WSA decryptionHTTPS proxy configurationSSL certificate management
Question #631
An organization is using CSR1000v routers in their private cloud infrastructure. They must upgrade their code to address vulnerabilities within their running code version. Who is r...
Virtual RoutersSoftware PatchingCloud ResponsibilityPrivate Cloud Operations
Question #632Cloud Security
An organization wants to reduce their attack surface for cloud applications. They want to understand application communications, detect abnormal application behavior, and detect vu...
Cisco TetrationWorkload ProtectionAnomaly DetectionVulnerability Management
Question #633
Which Cisco AnyConnect module is integrated with Splunk Enterprise to provide monitoring capabilities to administrators to allow them to view endpoint application usage?
Cisco AnyConnectNetwork Visibility ModuleSplunk integrationEndpoint monitoring
Question #634
What describes the function of the crypto isakmp key C1$c451090787 address 0.0.0.0 0.0.0.0 command when configuring an IPsec VPN tunnel on a Cisco IOS router?
IPsec VPNIKEv1Preshared KeyCisco IOS CLI
Question #635Network Security
Which common threat can be prevented by implementing port security on switch ports?
Port securitySwitch securityLayer 2 securitySpoofing prevention
Question #636Network Security
What is the ideal deployment mode to use when you need to manage separate security policies for multiple customers on a Cisco ASA device?
Cisco ASAMultiple Context ModeNetwork Security PoliciesMulti-tenancy
Question #637
In which cloud services model is the customer responsible for scanning for and mitigation of application vulnerabilities?
Cloud Service ModelsShared Responsibility ModelApplication SecurityPaaS
Question #638
An engineer must modify an existing remote access VPN using a Cisco AnyConnect Secure Mobility client solution and a Cisco Secure Firewall. Currently, all the traffic generate by t...
AnyConnect VPNSplit TunnelingGroup Policy
Question #639Network Security / Infrastructure Security - Configuring and implementing access control lists (ACLs) on Cisco ASA firewalls to control traffic flow based on protocol, source, destination, and port.
A network engineer must create an access control list on a Cisco Adaptive Security Appliance firewall. The access control list must permit HTTP traffic to the internet from the org...
Cisco ASAAccess Control ListsNetwork SecurityFirewall Configuration
Question #640
Which problem Is solved by deploying a multicontext firewall?
Multicontext firewallOverlapping IP addressingNetwork segmentation
Question #641
An organization wants to reduce their attach surface for cloud applications. They want to understand application communications, detect abnormal application Behavior, and detect vu...
Cisco Secure WorkloadApplication securityCloud application securityVulnerability detection
Question #642
What is a functional difference between Cisco Secure Endpoint and Cisco Umbrella Roaming Client?
Cisco Secure EndpointCisco Umbrella Roaming ClientEndpoint SecurityDNS Security
Question #643N/A
What is the purpose of a denial-of-service attack?
DoS attackCyberattack
Question #644
A network administrator is setting up Cisco FMC to send logs to Cisco Security Analytics and Logging (SaaS). The network administrator is anticipating a high volume of logging even...
Cisco FMC loggingCisco Secure AnalyticsSyslog configurationLog forwarding performance
Question #645
What is the purpose of the Trusted Automated exchange cyber threat intelligence industry standard?
TAXIIThreat IntelligenceThreat Sharing
Question #646
Which action configures the IEEE 802.1X Flexible Authentication feature lo support Layer 3 authentication mechanisms?
802.1XFlexible AuthenticationMABLayer 3 authentication
Question #647
Which Cisco solution provides a comprehensive view of Internet domains, IP addresses, and autonomous systems to help pinpoint attackers and malicious infrastructures?
Cisco UmbrellaThreat IntelligenceDNS Security
Question #648Application Security
A security test performed on one of the applications shows that user input is not validated. Which security vulnerability is the application more susceptible to because of this lac...
Web application securityInput validationSQL injection
Question #649
A network administrator is modifying a remote access VPN on an FTD managed by an FMC. The administrator wants to offload traffic to certain trusted domains. The administrator wants...
Dynamic split tunnelingRemote Access VPNCisco FTDCisco FMC
Question #650Content Security
What is a benefit of a Cisco Secure Email Gateway Virtual as compared to a physical Secure Email Gateway?
Cisco Secure Email GatewayVirtual applianceVirtualization benefitsResource allocation
Question #651
Which method must be used to connect Cisco Secure Workload to external orchestrators at a client site when the client does not allow incoming connections?
Cisco Secure WorkloadReverse tunnelOrchestrator connectivityOutbound connectivity
Question #652Not Provided
Which technology must De used to Implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?
GET VPNMulti-site VPNVPN DesignSecure Connectivity

PreviousPage 13 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.