Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 17 of 19.

Question #803Secure Access
After a security incident, an engineer must propose a solution to secure management traffic better. The engineer must ensure that remote access is maintained in case the internet f...
Out-of-band managementManagement plane securitySecure remote accessNetwork resilience
Question #804Endpoint Protection and Detection
How does Cisco Secure Endpoint exclude server IP addresses and ports from detection?
Cisco Secure EndpointDetection exclusionIP allow listEndpoint security policy
Question #805
How does a cross-site request forgery attack operate?
CSRFWeb Application SecurityAttack Types
Question #806Cloud Security
An engineer must protect data hosted in the cloud by using Cisco CloudLock data loss protection policies. The engineer uses a predefined policy for the configuration and needs the...
Cisco CloudLockDLP policiesRegex matchingPolicy tolerance
Question #807
A network engineering team wants to configure web reputation URL filtering in Cisco vManage by setting the web reputation threshold. Which value represents the most secure configur...
Cisco vManageWeb reputation filteringURL filteringSecurity thresholds
Question #808
A networking team must harden an organization's core switch against man-in-the-middle attacks. The team must use Dynamic ARP Inspection (DAI) on the switch to meet the security ser...
Dynamic ARP InspectionARP securitySwitch hardeningMan-in-the-middle mitigation
Question #809
What is an advantage of FlexVPN when compared to DMVPN?
FlexVPNDMVPNVPN comparisonIPsec routing
Question #810Configure and manage Cisco Secure Web Appliance policies, specifically modifying Global Access Policy URL filtering actions
Drag and Drop Question An engineer must modify the Global Access Policy on a Cisco Secure Web Appliance. Blocked URLs must now be set to Monitor instead of Block. Drag and drop the...
Cisco Secure Web ApplianceAccess PoliciesURL FilteringWeb Security Manager
Question #811
An engineer wants to assign a printer to a different VLAN than what is statically configured on the switch port. Which CoA type should the engineer use?
Change of AuthorizationCoA typesDynamic VLAN
Question #812
An engineer must create a new custom URL on a Cisco Secure Web Appliance to block cisco.com and all its subdomains. The engineer performs these actions: - Create a new custom URL c...
Cisco SWAURL filteringCustom URL categoriesWildcard domains
Question #813
What is a characteristic of a man-in-the-middle attack?
Man-in-the-middle attackNetwork security threats
Question #814
An engineer is configuring a new destination list for Cisco Umbrella. The destination list is in Microsoft Excel format and contains many domains. Which two actions must be taken t...
Cisco UmbrellaDestination listsFile import format
Question #815
A company named Org.Co plans to migrate a messaging app to a software as a service offering. A security engineer must protect data-at-rest and data in transit, and the solution mus...
SaaS securityCASBdata protectionpolicy enforcement
Question #816Secure Network Access, Visibility and Enforcement
An engineer is implementing a network access control solution for a client. The client has separate data and voice VLANs and the deployment is now entering the testing phase. Which...
NACUser AuthenticationTACACS+Authentication Failover
Question #817
Refer to the exhibit. Which task is the Python script performing by using the Cisco Umbrella API?
Cisco Umbrella APIPython scriptingAPI data retrievalSecurity event monitoring
Question #818
What is a capability of the Cisco ISE guest service in the web-based portal?
Cisco ISEGuest ServicesWeb Portal
Question #819
Which network technology does Cisco Next-Generation Firewall replace?
Cisco NGFWIntrusion Detection
Question #820
Refer to the exhibit. An engineer is deploying an incoming mail policy. When [email protected] sends an email to [email protected], the policy must drop any emails suspected of bei...
Email securityAnti-spam policyMail policy configuration
Question #821Automation and Programmability – Use Cisco APIs (Cisco Secure Endpoint / AMP API) to automate security operations using Python scripting and REST API calls
Refer to the exhibit. A security engineer must create a new VIP user group on a Cisco Secure Endpoint device. To automate the procedure, a Python script is used. Which code snippet...
Cisco Secure EndpointREST APIPython scriptingHTTP methods
Question #822Security Concepts
What is a characteristic of Trusted Automated eXchange of Indicator Information?
TAXIIThreat intelligence sharingCyber threat information
Question #823
Which component is included in a zero-trust architecture model?
Zero TrustMFA
Question #824
What is a difference between weak passwords and missing encryption?
Password securityData encryptionSecurity vulnerabilities
Question #825
What is Cisco Talos Intelligence?
Cisco TalosThreat Intelligence
Question #826
What is Cisco Talos?
Cisco Talosthreat intelligence
Question #827Security Concepts
What is a difference between SQL injection and buffer overflow attacks?
SQL injectionBuffer overflowVulnerability typesApplication security
Question #828
What is an attribute of Structured Threat Information eXpression?
STIXThreat Intelligence
Question #829
How is an amplification DDoS attack performed?
DDoS attackAmplification attackDNS amplification
Question #830
What is a capability of a Cisco Next-Generation Firewall?
Cisco NGFWIntrusion Prevention
Question #831Network Security
A network engineer must establish a site-to-site VPN between two Cisco routers using IPsec. The engineer creates an access control list to permit the traffic, configures phase 1 an...
IPsec VPNNAT exemptionSite-to-site VPNCisco VPN config
Question #832
Refer to the exhibit. An engineer must configure a site-to-site VPN connection between SiteA and SiteB. The engineer already performed some configuration on the Cisco Adaptive Secu...
Cisco ASAsite-to-site VPNIPsec VPNtunnel-group
Question #833Network Security
Refer to the exhibit. A network engineer configures a network on a Cisco switch that has interVLAN routing where PC1 belongs to VLAN10 and PC2 belongs to VLAN20. Which action shoul...
Cisco VLAN configurationAccess port assignmentEthernet switching
Question #834Network Security
What is a difference between a Cisco Adaptive Security Appliance firewall and a zone-based firewall?
Cisco ASAZone-based firewallFirewall comparison
Question #835Network Security
Drag and Drop Question Refer to the exhibit. An engineer must configure dynamic NAT on a Cisco Adaptive Security Appliance firewall so that when inside users connect to an outside...
Cisco ASANAT ConfigurationNetwork SecurityFirewall
Question #836
Which interface mode does a Cisco Secure IPS device use to block suspicious traffic?
Cisco IPSIPS deployment modesTraffic blocking
Question #837
What is an advantage of using a next-generation firewall compared to a traditional firewall?
NGFWTraditional FirewallFirewall comparisonThreat intelligence
Question #838Secure Network Access
A network administrator must configure remote access to a Cisco ASA. The administrator configures an identity certificate, uploads the SSL VPN client image to the Cisco ASA, and en...
Cisco ASASSL VPNRemote Access VPNConnection Profile
Question #839Secure Network Access, Visibility, and Segmentation
A security engineer is tasked with configuring TACACS on a Cisco ASA firewall. The engineer must be able to access the firewall command line interface remotely. The authentication...
Cisco ASA TACACSAAA authenticationSSH accessLocal authentication
Question #840Network Security
An administrator is implementing management plane protection and must configure an interface on a Cisco router to only terminate management packets that are destined for the router...
Cisco IOSManagement Plane ProtectionRouter Configuration
Question #841ERROR: Official Exam Domains list was not provided in the prompt.
Which firewall mode does a Cisco Adaptive Security Appliance use to inspect Layer 2 traffic?
Cisco ASAFirewall modesLayer 2 inspection
Question #842Network Security
What does an IPS use to receive network traffic without modifying the traffic?
IPSSPAN portnetwork monitoring
Question #843Network Security
Which feature is used to configure an encrypted route-based site-to-site VPN from a Cisco router to a cloud environment?
Cisco VTIRoute-based VPNSite-to-site VPNIPsec
Question #844
What is a capability of a Cloud Access Security Broker?
Cloud Access Security BrokerCloud SecurityApplication Access Control
Question #845None
An engineer must configure a destination list on Cisco Umbrella. The destination list must allow requests to test.domain.com and block any other URLs to .domain.com. Which configur...
Cisco UmbrellaDestination listsURL filteringRegex
Question #846
In which scenario is downloading Umbrella Dynamic IP Updater a configuration step?
Cisco UmbrellaDynamic IP UpdaterDNS Security
Question #847Cloud Security
An engineer migrates a web server to the cloud in a platform as a service model. Which security measure must be implemented next to protect the resources?
PaaS securityIPSWeb application securityCloud security controls
Question #848Network Security
A company deploys an application that contains confidential data and has a hybrid hub-and- spoke topology. The hub resides in a public cloud environment, and the spoke resides on-...
TLSData in transit encryptionHybrid network securityNetwork protocols
Question #849
A network administrator wants to deploy a Secure Web Appliance to protect users even when they are outside of the corporate environment. The destination IP and port of all packets...
Explicit proxyWeb proxyProxy methods
Question #850Content Security
platform. An engineer must secure the website because the company has experienced a recent increase in DoS, DDoS, cross-site scripting, and SQL injection attacks. Which security so...
Web Application FirewallWeb securityDoS attacksSQL injection
Question #851
An engineer is configuring Outbreak Filters for a Cisco Secure Email Gateway to protect a network from large-scale virus outbreaks and phishing scams. Any URLs that match the filte...
Cisco Secure Email GatewayOutbreak FiltersCLI configurationEmail security
Question #852
Which capability of Cisco Secure Endpoint for Email Security protects users from sophisticated phishing attacks?
Cisco Secure EndpointEmail SecurityPhishing protectionContinuous file analysis

PreviousPage 17 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.