Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 14 of 19.

Question #653Network Security
Which two devices support WCCP for traffic redirection? (Choose two.)
WCCPtraffic redirectionnetwork protocols
Question #654
Which two types of connectors are used to generate telemetry data from IPFIX records in a Cisco Secure Workload implementation? (Choose two.)
Cisco Secure WorkloadIPFIXTelemetry connectorsNetFlow
Question #655None
What is a difference between GRE over IPsec and IPsec with crypto map?
GRE TunnelingIPsec VPNProtocol Encapsulation
Question #656
A network administrator has configured TACACS on a network device using the key Cisc0467380030 tor authentication purposes. However, users are unable to authenticate. TACACS server...
TACACS+AAA configurationAuthentication Troubleshooting
Question #657
What must be configured on Cisco Secure Endpoint to create a custom detection tile list to detect and quarantine future files?
Cisco Secure EndpointCustom DetectionsFile HashingThreat Quarantining
Question #658Network Security
What is the default action before identifying the URL during HTTPS inspection in Cisco Secure Firewall Threat Defense software?
Cisco FTDHTTPS inspectionDefault actions
Question #659Cloud Security
A security engineer must add destinations into a destination list in Cisco Umbrella. What describes the application of these changes?
Cisco UmbrellaUmbrella policy managementUmbrella destination lists
Question #660
Which file type is supported when performing a bulk upload of destinations into a destination list on Cisco Umbrella?
Cisco UmbrellaBulk uploadDestination listsSupported file types
Question #661
An engineer is configuring a Cisco Secure Email Cloud Gateway instance to send logs to an external server for auditing. For security purposes, a username and SSH key with the finge...
Cisco Secure Email Cloud GatewayLog forwardingSCPSSH security
Question #662Secure Network Access, Visibility, and Enforcement
An engineer configured 802.1X authentication on a switch port but cannot authenticate. Which action must the engineer take to validate if the user credentials are correct?
802.1XAuthentication troubleshootingAAA server logsNetwork access control
Question #663Network Security
Which feature only implements on the Cisco ASA in the transparent mode?
Cisco ASATransparent firewall modeIntra-subnet traffic inspection
Question #664
An engineer is configuring Cisco Secure Web Appliance and needs to deploy it in transparent mode. Which configuration component must be used to accomplish this goal?
Cisco SWAtransparent modeWCCP
Question #665
Which two algorithms must be used when an engineer is creating a connection that will have classified data across it? (Choose two.)
AES encryptionSHA hashingCryptographySecure communication
Question #666Network Security
Which process is used to obtain a certificate from a CA?
Certificate enrollmentPKI fundamentalsCertificate Authority
Question #667Secure Network Access
Which two methods are valid to be included in an authentication method list? (Choose two.)
Cisco authenticationAuthentication methods list
Question #668
A network administrator is shipping a Cisco ASA to a remote retail site. The administrator wants to ensure that the device configuration cannot be accessed by someone at the site w...
ASA console securityPassword recovery preventionPhysical device securityCisco ASA hardening
Question #669
Which two products are used to forecast capacity needs accurately in real time? (Choose two.)
Cisco AppDynamicsCisco Workload Optimization ManagerCapacity PlanningPerformance Monitoring
Question #670Security Monitoring
A Cisco Secure Cloud Analytics administrator is setting up a private network monitor sensor to monitor an on-premises environment. Which two pieces of information from the sensor a...
Secure Cloud Analytics sensorSensor registrationOn-premises network monitoring
Question #671Secure Network Access, Visibility, and Enforcement
Refer to the exhibit. An administrator is configuring a VPN tunnel on a Cisco router. The information provided by the administrator of the remote end of the VPN tunnel was that IKE...
Cisco VPNIPsec VPNISAKMP policyVPN troubleshooting
Question #672Network Security
Which attack gives unauthorized access to files on the web server?
path traversalweb server vulnerabilityweb application security
Question #673Network Security
A network administrator needs a solution to match traffic and allow or deny the traffic based on the type of application, not just the source or destination address and port used....
Next-generation firewallApplication controlTraffic filtering
Question #674Cloud Security
What is a benefit of using Cisco CWS compared to an on-premises Cisco Secure Web Appliance?
Cisco CWSCloud Web SecuritySecure Web ApplianceRemote Worker Security
Question #675Network Security
Which key feature of Cisco ZFW is unique among other Cisco IOS firewall solutions?
Cisco ZFWsecurity zones
Question #676Cloud Security
Which Cisco solution secures the cloud users, data and applications with the cloud-native CASB and cloud cybersecurity platform?
Cisco CloudLockCASBCloud security solutions
Question #677
What are the components of endpoint protection against social engineering attacks?
Social engineeringEmail securityEndpoint protectionCisco Secure Email Gateway
Question #678
Which feature is used to restrict communication between interfaces on a Cisco ASA?
Cisco ASASecurity levelsInterface security
Question #679Network Security – Configuring AAA authentication on Cisco ASA using TACACS+ for administrative access control
Refer to the exhibit. Logins from internal users to a Cisco Adaptive Security Appliance firewall must be performed by using a TACACS server. The firewall is already configured. Whi...
Cisco ASAAAA ConfigurationTACACS+Firewall Authentication
Question #680Cisco DevNet / ENCOR - Infrastructure Automation: Utilize Cisco DNA Center APIs to automate device onboarding and network provisioning workflows
A network engineer must create a workflow to detect when a device joins a network and send the onboarding configuration to the device by using the Cisco DNA Center API. Which two m...
Cisco DNA Center APIPnP OnboardingNetwork AutomationREST API Endpoints
Question #681VPN Technologies
Which IPsec mode must be used when encrypting data over a public network between two servers with RFC1918 IP addresses?
IPsec modesTunnel modeRFC1918VPN encryption
Question #682
Which platform uses Cyber Threat Intelligence as its main source of information?
Cisco Secure EndpointCyber Threat IntelligenceEndpoint Security
Question #683
Refer to the exhibit. Which task is the Python script performing by using the Umbrella Enforcement API?
Cisco UmbrellaAPI automationPython scriptingDomain blocking
Question #684
Which security mechanism is designed to protect against "offline brute-force" attacks?
Password hashingSaltBrute-force protectionOffline attacks
Question #685
Which method is used on a Cisco IOS router to redirect traffic to the Cisco Secure Web Appliance for URL inspection?
Cisco WCCPTraffic RedirectionWeb Security
Question #686
Which two global commands must the network administrator implement to limit the attack surface of an internet-facing Cisco router? (Choose two.)
Cisco IOS hardeningAttack surface reductionCDP securityHTTP management security
Question #687
Refer to the exhibit. An engineer created a policy named usera1 on a Cisco Secure Email Gateway to enable the antispam feature for an email address of [email protected]. Which confi...
Cisco Secure Email GatewayAntispam policy configurationEmail policy applicationUser-based policies
Question #688Network Security
Which Cisco firewall solution supports configuration via Cisco Policy Language?
Cisco Zone-Based FirewallCisco Policy LanguageFirewall configuration
Question #689Implement Layer 2 Security
A network administrator has configured DHCP snooping on a Cisco switch to prevent unauthorized DHCP servers from assigning IP addresses. During configuration, a device with MAC add...
DHCP snoopingLayer 2 securityDHCP Option 82DHCP relay
Question #690
What are two examples of code injection vulnerabilities? (Choose two.)
Code InjectionSQL InjectionCross-Site ScriptingVulnerabilities
Question #691Security Monitoring
What is a feature of an endpoint detection and response solution?
EDREndpoint SecurityThreat Detection
Question #692Content Security
An engineer is deploying a Cisco Secure Email Gateway and must ensure it reaches the Cisco update servers to retrieve new rules. The engineer must now manually configure the Outbre...
Cisco Secure Email GatewayOutbreak FilterAsyncOS CLISecurity rule management
Question #693
A website administrator wants to prevent SQL injection attacks against the company's customer database, which is referenced by the web server. Which two methods help prevent SQL in...
SQL injection preventionInput validationWAF
Question #694Network Security
An engineer is configuring DHCP on a Cisco switch and wants to ensure that a DHCP packet will be dropped. Under which condition will this occur?
DHCP snoopingSwitch securityUntrusted interfaces
Question #695
An engineer is configuring guest WLAN access using Cisco ISE and the Cisco WLC. Which action temporarily gives guest endpoints access dynamically while maintaining visibility into...
Cisco ISECisco WLCGuest WLANSelf-registered portal
Question #696
An engineer needs to configure cloud logging on Cisco ASA with SAL integration. Which parameter must be considered for this configuration?
Cisco ASACloud LoggingSAL IntegrationCisco CDO Onboarding
Question #697
Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnera...
Cisco Secure WorkloadWorkload securityMicrosegmentationVulnerability detection
Question #698Endpoint Security and Visibility
A network administrator has installed Secure Endpoint in the network. During setup it was noticed an endpoint has been exhibiting unusual behavior, including slow performance and u...
Malware detectionEndpoint securityIncident responseNetwork isolation
Question #699
What are two targets in cross-site scripting attacks? (Choose two.)
Cross-site scriptingXSSWeb application security
Question #700
Which component performs the resolution between the tunnel address and mGRE address in DMVPN?
DMVPNNHRPmGRE
Question #701Network Automation and Programmability - Understanding API interactions (NETCONF/RESTCONF) and proper HTTP headers for programmatic network device configuration retrieval, typically mapped to Cisco ENCOR/DevNet certification domains.
Refer to the exhibit. A network engineer must retrieve the interface configuration on a Cisco router by using the NETCONF API. The engineer uses a Python script to automate the act...
NETCONFRESTCONFPython AutomationYANG Data Models
Question #702
What is a difference between encrypted passwords and hardcoded passwords?
Password storageEncryption principlesHardcoded credentials

PreviousPage 14 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.