Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 4 of 19.

Question #152Network Security
A network engineer has entered the snmp-server user andy myv3 auth sha cisco priv aes 256 cisc0380739941 command and needs to send SNMP information to a host at 10.255.254.1. Which...
Cisco SNMPv3SNMP trap configurationIOS command syntax
Question #153Security Concepts
Which type of attack is social engineering?
social engineeringphishing attack
Question #154
Which compliance status is shown when a configured posture policy requirement is not met?
Posture policyCompliance status
Question #155
What must be used to share data between multiple security products?
Cisco pxGridSecurity Integration
Question #156Secure Network Access, Visibility, and Enforcement
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work?
Endpoint ProfilingDHCP ProbeOUI ClassificationDevice Grouping
Question #157
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval fr...
PKI enrollmentCertificate enrollment method
Question #158Network Security
A network engineer is configuring DMVPN and entered the crypto is akmp key cisc0380739941 address 0.0.0.0 command on host A The tunnel is not being established to host B. What acti...
DMVPN configurationVPN authenticationPre-shared key (PSK)
Question #159Network Security
A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destinat...
Dynamic ARP InspectionDHCP SnoopingSwitch securityTroubleshooting
Question #160
Refer to the exhibit. What does the API do when connected to a Cisco security appliance?
Cisco Security APIAMP endpoint visibilityNetwork interface data
Question #161
Refer to the exhibit. A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The...
Cisco IOS VPN troubleshootingSite-to-site VPNIKE Phase 1debug crypto isakmp sa
Question #162Secure Network Access
Refer to the exhibit. An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate. Which port configuration is missing?
802.1x configurationCisco switch portAuthentication troubleshootingNetwork Access Control
Question #163
Refer to the exhibit. A network administrator configures command authorization for the admm5 user. What is the admin5 user able to do on HQ_Router after this configuration?
Cisco AAACommand AuthorizationUser Privileges
Question #164Security
An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication?
Cisco SEGSMTP connection blockingDomain reputationAnti-spam
Question #165Network Security
What is a key difference between Cisco Firepower and Cisco ASA?
Cisco FirepowerCisco ASAIntrusion Prevention SystemNext-Generation Firewall
Question #166Content Security
While using Cisco Secure Firewall's Security Intelligence policies, which two criteria is blocking based upon? (Choose two.)
Cisco Secure FirewallSecurity IntelligenceURL filteringIP filtering
Question #167Network Security
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the sy...
Cleartext transmissionNetwork encryptionVulnerabilitiesReconnaissance
Question #168
A network administrator is using the Cisco Secure Email Gateway with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How wil...
Cisco Secure Email GatewayCisco AMPCloud file analysisNetwork error handling
Question #169Network Security
Refer to the exhibit. Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?
IPsec VPNFTDAccess Control PolicyTroubleshooting
Question #170
What are two DDoS attack categories? (Choose two.)
DDoS attacks
Question #171
What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?
Cisco NetFlowCisco ASASecurity Logging
Question #172
Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?
Cisco FMCThreat IntelligenceSecurity Intelligence Integration
Question #173
An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the a...
SQL injectionweb application vulnerabilitiesbuffer overflow attacks
Question #174Threat Detection and Mitigation
An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a connection being established. The solution must be able to block certain a...
Cisco UmbrellaDNS securityWeb filteringApplication control
Question #175Network Security
An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, b...
Storm Controlbroadcast storm prevention
Question #176
In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?
EDREPPEndpoint SecurityAdvanced Threat Detection
Question #177
What is provided by the Secure Hash Algorithm in a VPN?
Secure Hash AlgorithmData integrityVPN security
Question #178
Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?
SDN APIsSouthbound API
Question #179
An engineer needs behavioral analysis to detect malicious activity on the hosts, and is configuring the organization's public cloud to send telemetry using the cloud provider's mec...
VPC Flow LogsCloud network monitoringSecurity telemetryBehavioral analysis
Question #180
What is managed by Cisco Security Manager?
Cisco Security ManagerCisco ASA
Question #181
Why is it important to have logical security controls on endpoints even though the users are trained to spot security threats and the network devices already help prevent them?
Endpoint securityDefense-in-depthInsider threatsLogical controls
Question #182Endpoint Protection and Visibility
What is the benefit of installing Cisco AMP for Endpoints on a network?
Cisco AMP for EndpointsEndpoint securityMalware protection
Question #183
Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic?
TalosIP reputationEmail securityWeb security
Question #184
An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffi...
802.1XRADIUS CoANetwork Ports
Question #185
What is the purpose of the certificate signing request when adding a new certificate for a server?
Certificate Signing RequestDigital CertificatesPKI
Question #186
What is the purpose of the My Devices Portal in a Cisco ISE environment?
Cisco ISE My Devices PortalDevice registration
Question #187Content Security
An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and t...
Email SecurityCisco Secure Email GatewayTalosThreat Intelligence
Question #188Security Concepts
What is an attribute of the DevSecOps process?
DevSecOpsSDLC SecurityApplication SecuritySecurity Best Practices
Question #189Network Security
A user has a device in the network that is receiving too many connection requests from multiple machines. Which type of attack is the device undergoing?
SYN floodDoS attacksTCP attacks
Question #190
Refer to the exhibit. An organization is using DHCP Snooping within their network. A user on VLAN 41 on a new switch is complaining that an IP address is not being obtained. Which...
DHCP SnoopingSwitch port securityNetwork troubleshootingIP address assignment
Question #191Cloud Security
A company is experiencing exfiltration of credit card numbers that are not being stored on- premise. The company needs to be able to protect sensitive data throughout the full envi...
Cloud DLPCASBData exfiltrationSensitive data protection
Question #192
Which algorithm provides asymmetric encryption?
Asymmetric EncryptionEncryption AlgorithmsCryptography
Question #193
For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs?
Cisco IOS PKICRL distributionLDAPHTTP
Question #194
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used?
security vulnerabilityCVE
Question #195DOMAIN_NOT_APPLICABLE_NO_LIST_PROVIDED
What is the Cisco API-based broker that helps reduce compromises, application risks, and data breaches in an environment that is not on-premise?
Cisco CloudlockCASBCloud securityAPI security
Question #196
Which Cisco platform ensures that machines that connect to organizational networks have the recommended antivirus definitions and patches to help prevent an organizational malware...
Cisco ISENetwork Access ControlEndpoint Compliance
Question #197Network Security
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traf...
Cisco FirepowerAccess Control PoliciesFirewall Rule ActionsTraffic Inspection
Question #198
Which two fields are defined in the NetFlow flow? (Choose two.)
NetFlowCisco NetFlow fieldsNetwork monitoring
Question #199Content Security
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occur...
Cisco UmbrellaSSL decryptionRoot CA certificateURL filtering
Question #200Secure Network Access, Visibility, and Enforcement
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used. However, the connection is failing. Which action should be taken to...
Cisco SSH configurationRSA key managementSecure remote managementCryptographic algorithms
Question #201Network Security
How does DNS Tunneling exfiltrate data?
DNS TunnelingData Exfiltration

PreviousPage 4 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.