350-701 Exam Questions
916 real 350-701 exam questions with expert-verified answers and explanations. Page 16 of 19.
- Question #753Content Security
Refer to the exhibit. A company named ABC has a Cisco Secure Email Gateway and an engineer must configure the incoming mail policy so that emails containing malware files are quara...
Email SecurityMalware ProtectionSecurity Policy ConfigurationCisco Secure Email Gateway - Question #754Content Security
How does a Cisco Secure Web Appliance integrated with LDAP handle the permissions of a currently logged in Active Directory group member when the Active Directory administrator cha...
Cisco Secure Web Appliance (WSA)LDAP/Active Directory IntegrationUser PermissionsSession Management - Question #755
Refer to the exhibit. An engineer must forward all web traffic sent from Client-SiteA to the monitoring server to build a baseline of expected traffic once a new Cisco Secure Web A...
SPANNetwork monitoringCisco switch configuration - Question #756
What is the difference between EPP and EDR?
EPPEDREndpoint Security - Question #757
The security team has installed a Cisco Secure Email Gateway. During setup, a large number of email messages containing the string "abcde1111111111" are being blocked. The security...
Cisco Secure Email GatewayEmail quarantineEmail security policiesThreat investigation - Question #758Cisco Email Security / Secure Email Gateway - Understanding deployment options (on-premises vs. cloud-hosted) and the operational responsibilities associated with each model, typically aligned with Cisco CyberOps or CCNP Security certification objectives.
Drag and Drop Question Drag and drop the Cisco Secure Email Gateway benefits from the left to the corresponding deployment options on the right. Answer:
Cisco Secure Email Gatewaydeployment modelscloud vs on-premisesshared responsibility model - Question #759Cloud Security Concepts and Shared Responsibility - typically aligned with certifications such as CompTIA Security+, AWS Cloud Practitioner, or CCSP Domain 1 (Cloud Concepts, Architecture, and Design)
Drag and Drop Question Drag and drop the security responsibilities from the left onto the corresponding cloud service models on the right. Answer:
Shared Responsibility ModelCloud Service ModelsIaaS vs PaaS vs SaaSPatch Management - Question #760Firewall Technologies
What is a difference between a zone-based firewall and a Cisco Adaptive Security Appliance firewall?
Zone-based firewallCisco ASAFirewall conceptsFirewall comparison - Question #761Secure Infrastructure
Refer to the exhibit. A network engineer must configure a Cisco router to send traps using SNMPv3. The engineer configures a remote user to receive traps and sets the security leve...
Cisco IOSSNMPv3 configurationSNMP trapsAuthentication without privacy - Question #762
An engineer must deploy a Cisco Secure Web Appliance. Antimalware scanning must use the Outbreak Heuristics antimalware category on files identified as malware before performing an...
Antimalware scanningAdaptive ScanningOutbreak Heuristics - Question #763Endpoint Protection and Detection
An engineer is configuring Cisco Secure Endpoint to enhance security by preventing the execution of certain files by users. The engineer needs to ensure that the specific executabl...
Cisco Secure EndpointApplication controlExecutable blocking - Question #764
A security administrator is designing an email protection solution for an onsite email server and must meet these requirements: - Remove malware from email before it reaches corpor...
Email securityCisco Secure EmailMalware protectionURL filtering - Question #765
A web hosting company must upgrade its older, unsupported on-premises servers. The company wants a cloud solution in which the cloud provider is responsible for: - Server patching...
Cloud Service ModelsShared Responsibility ModelSaaS - Question #766
What are two benefits of workload security? (Choose two.)
Workload securityAttack surface reductionScalable security policies - Question #767Identity Management
Refer to the exhibit. An engineer must configure a new Cisco ISE backend server as a RADIUS server to provide AAA for all access requests from the client to the ISE-Frontend server...
Cisco ISE external RADIUSAAA authenticationRADIUS ports - Question #768
How is a cross-site scripting attack executed?
Cross-site scriptingXSSWeb application securityClient-side attacks - Question #769
Which two Cisco Umbrella security categories are used to prevent command-and-control callbacks on port 53 and protect users from being tricked into providing confidential informati...
Cisco UmbrellaDNS securityCommand & ControlPhishing - Question #770
An engineer must deploy Cisco Secure Email with Cloud URL Analysis and must meet these requirements: - To protect the network from large-scale virus outbreaks - To protect the netw...
Cisco Secure Email configurationCloud URL AnalysisOutbreak FiltersEmail security prerequisites - Question #771Secure Network Access, Visibility, and Enforcement
An engineer is implementing NAC for LAN users on a segmented network. The engineer confirms that the device of each user is supported and the Cisco switch configuration is correct....
NACRADIUSUDP 1812Authentication ports - Question #772Content Security
Which policy does a Cisco Secure Web Appliance use to block or monitor URL requests based on the reputation score?
Cisco Secure Web ApplianceURL filteringreputation scoring - Question #773Governance, Risk, and Compliance
What is a benefit of an endpoint patch management strategy?
Endpoint patch managementRegulatory complianceVulnerability management - Question #774
What is an attribute of Cisco Talos?
Cisco TalosThreat intelligence - Question #775
An engineer must implement a file transfer solution between a company's data center and branches. The company has numerous servers hosted in a hybrid cloud implementation. The file...
File Transfer ProtocolsSecure Copy Protocol (SCP)Network SecurityProtocol Features - Question #776Network Security
A network engineer is configuring a Cisco Catalyst switch. The network engineer must prevent traffic on the network from being interrupted by broadcast packets flooding the network...
Storm Controlbroadcast storm preventionCisco Catalyst switch - Question #777Configure and manage email security features on Cisco Secure Email Gateway, specifically enabling and configuring Outbreak Filters to protect against large-scale malware and virus outbreaks.
Drag and Drop Question An engineer must enable Outbreak Filters globally on an AsyncOS for Cisco Secure Email Gateway to protect the network from large-scale malware attacks. Drag...
Outbreak FiltersAsyncOS ConfigurationCisco Secure Email GatewayMalware Protection - Question #778Endpoint Protection and Detection
Why is it important to implement a comprehensive endpoint patching strategy?
Endpoint patchingPatch managementEndpoint securityVulnerability management - Question #779
Which security category does Cisco Umbrella use to block DNS requests that have not been seen in Umbrella before or have not yet had a client lookup?
Cisco UmbrellaDNS securityNewly Seen Domains - Question #780
What are two benefts of workload security? (Choose two.)
Workload securitySecurity benefits - Question #781
A network engineer must segment a corporate network into smaller, more manageable networks by using a Cisco Nexus 1000V switch. The corporate infrastructure uses port 443 for acces...
Cisco Nexus 1000VNetwork Segmentation ManagervShield Manager integrationNetwork segmentation - Question #782
A company named Org.Co is upgrading its infrastructure and wants to migrate from a legacy firewall appliance to a cloud security service that will provide: - Threat intelligence -...
Cisco UmbrellaDNS securityCloud security serviceThreat intelligence - Question #783Secure Network Access
What is a benefit of implementing multifactor authentication for an application?
Multifactor authenticationCredential protection - Question #784Understanding and Using APIs
A developer must create a script to retrieve a count of inactive end devices by using the Cisco Catalyst Center API. Which endpoint and method pair is needed to make the API call?
Cisco Catalyst Center APIAPI endpointsClient health monitoring - Question #785
What is a difference between SQL injection and buffer overflow attacks?
SQL injectionBuffer overflow - Question #786Network Security
What is a capability of a Cisco Secure IPS?
Cisco Secure IPSIPS capabilitiesRetrospective File Analysis - Question #787Secure Network Access
Refer to the exhibit. An administrator must configure AAA authentication on a Cisco router with a RADIUS server for administrative access. Which command completes the configuration...
Cisco AAARADIUS configurationRouter securityRADIUS attributes - Question #788
An email containing a URL passes through the Cisco Secure Email Gateway. Content filtering is disabled for all mail policies. The sender of the mail is [email protected] while the rec...
Cisco Secure Email GatewayEmail security policyURL filteringWeb reputation - Question #789Implement Secure Connectivity
Refer to the exhibit. An engineer must configure a remote access VPN connection between a teleworker and SiteB. The engineer already performed some configurations on the Cisco Adap...
Cisco ASA VPNRemote Access VPNVPN Address PoolsTunnel Group Configuration - Question #790
What is the purpose of the Structured Threat Information eXpression?
STIXThreat Intelligence Sharing - Question #791
Which feature must be enabled to configure a Predefined URL category on a Cisco Secure Web Appliance?
Cisco WSAURL FilteringPredefined URL CategoryAcceptable Use Controls - Question #792Identity and Access Management
What is a benefit of multifactor authentication?
Multifactor authenticationMFA benefits - Question #793
What is part of a network monitoring solution that uses streams to push operational data to the solution and provide a near real-time view of activity?
Network telemetryOperational data streamingNetwork monitoring solutions - Question #794Network Security
Refer to the exhibit. An engineer is implementing a site-to-site VPN on a Cisco router with a remote Cisco router. What must be configured next to ensure the tunnel status is up?
Cisco Site-to-site VPNIPsec VPNVPN tunnel setupRemote peer configuration - Question #795Cloud Security
What is a capability of cross-site scripting?
Cross-site scriptingXSSWeb application attacksSession hijacking - Question #796
An engineer must configure URL filtering for user-defined Decryption Policy groups on a Cisco Secure Web Appliance. The engineer must block the gaming category for HTTPS requests....
Cisco Secure Web ApplianceURL filteringSSL decryptionAccess Policy - Question #797N/A
Refer to the exhibit. A network security engineer must enable and configure port security on a Cisco Catalyst switch. Up to 20 secure MAC addresses must be support below the thresh...
Cisco Port SecurityPort Security Violation ModesSwitch Security - Question #798
Which two methods are available in Cisco Secure Web Appliance to process client requests when configured in Transparent mode? (Choose two.)
Cisco SWATransparent proxyWPADWCCP - Question #799
Refer to the exhibit. An administrator is adding a new Cisco Secure Firewall Threat Defence with IP address 10.1.1.100 managed with Cisco Secure Firewall Management Center. The reg...
Cisco FTD registrationCisco FMC integrationFTD CLI commands - Question #800
What is a difference between Cisco Secure Endpoint and Cisco Umbrella?
Cisco Secure EndpointCisco UmbrellaEndpoint SecurityDNS Security - Question #801
What is the purpose of RADIUS CoA in a network access control implementation?
RADIUS CoANetwork Access ControlPolicy Enforcement - Question #802
How should an organization gain visibility into encrypted flows leaving the organization?
HTTPS decryptionTraffic inspectionNetwork visibility