Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 5 of 19.

Question #202Automation and Programmability
What is the function of SDN southbound API protocols?
SDN architectureSouthbound APINetwork programmability
Question #203
What is a characteristic of a bridge group in ASA Firewall transparent mode?
Cisco ASATransparent FirewallBridge GroupInterface Configuration
Question #204
A network administrator is configuring a rule in an access control policy to block certain URLs and selects the "Chat and Instant Messaging" category. Which reputation score should...
Cisco URL filteringWeb reputation scoreAccess policy configurationContent category blocking
Question #205
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?
Cisco NGFWvPublic Cloud IntegrationAWS
Question #206
What provides the ability to program and monitor networks from somewhere other than the Cisco DNA Center GUI?
Network APIsCisco DNA CenterNetwork programmability
Question #207
What is a benefit of using Cisco FMC over Cisco ASDM?
Cisco FMCCisco ASDMCentralized management
Question #208
What are the two types of managed Intercloud Fabric deployment models? (Choose two.)
Intercloud FabricDeployment models
Question #209
Which type of algorithm provides the highest level of protection against brute-force attacks?
Cryptographic hash functionsBrute-force attacksSHA algorithm
Question #210Cloud Security
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two.)
PaaSShared responsibility modelCloud management
Question #211Network Security
Which two cryptographic algorithms are used with IPsec? (Choose two.)
IPsec algorithmsEncryption algorithmsHashing algorithms
Question #212
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group?
Cisco ISE CoAEndpoint reauthenticationDynamic policy enforcement
Question #213Threat Protection
How does Cisco Advanced Phishing Protection protect users?
Phishing protectionMachine learning securityEmail security
Question #214Content Security
What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two.)
Cisco WSAWSA explicit modeWSA transparent mode
Question #215Security Concepts
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain aware of the ongoing and most prevalent threats?
Talosthreat intelligencethreat awarenessCisco security
Question #216
In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?
man-in-the-middle attackMITMnetwork securityattack types
Question #217
Refer to the exhibit. Which type of authentication is in use?
LDAPEmail AuthenticationMicrosoft Outlook
Question #218
What are two benefits of Flexible NetFlow records? (Choose two)
Flexible NetFlowTraffic IdentificationNetwork Accounting
Question #219Content Security
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishin...
Web proxyURL filteringPhishing prevention
Question #220Content Security
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients. What must be done on the Cisco Secure E...
Cisco Secure Email GatewayDirectory Harvest Attack PreventionEmail recipient enumerationLDAP security
Question #221CompTIA Security+ Domain 2: Threats, Vulnerabilities, and Mitigations / Cryptographic Concepts - understanding the differences between symmetric (3DES) and asymmetric (Diffie-Hellman) encryption algorithms, including their key requirements and performance characteristics.
Drag and Drop Question Drag and drop the descriptions from the left onto the encryption algorithms on the right. Answer:
CryptographySymmetric EncryptionAsymmetric EncryptionKey Exchange Protocols
Question #222Security Monitoring and Analytics – understanding Cisco Tetration platform capabilities for detecting anomalous behaviors, workload telemetry, and insider threat detection in data center and cloud environments (relevant to CCNP/CCIE Security or Cisco CyberOps certifications).
Drag and Drop Question Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right. Answer:
Cisco TetrationBehavioral AnalysisWorkload SecuritySuspicious Patterns
Question #223Endpoint Protection and Detection
Drag and Drop Question Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right. Answer:
Cisco FirepowerCisco AMPThreat DetectionEndpoint Protection
Question #224Threats, Attacks, and Vulnerabilities - Identify types of malware, attacks, and threat actors in cloud and network environments (e.g., CompTIA Security+ Domain 1 or CompTIA Cloud+ threat management)
Drag and Drop Question Drag and drop the threats from the left onto examples of that threat on the right Answer:
cloud security threatscybersecurity fundamentalsthreat identificationCompTIA Security+
Question #225CompTIA Security+ / CCNA Security - Cryptography and PKI / VPN and Encryption Technologies: Understanding the roles of symmetric encryption, asymmetric encryption, hashing algorithms, and key management protocols in securing VPN communications.
Drag and Drop Question Drag and drop the VPN functions from the left onto the description on the right. Answer:
VPNCryptographyIPSecNetwork Security Protocols
Question #226
What is a difference between DMVPN and sVTI?
DMVPNsVTIVPN tunnelsDynamic VPN
Question #227Security Concepts
What are two functions of secret key cryptography? (Choose two.)
Secret key cryptographySymmetric encryption
Question #228Programmability and Automation
Which type of API is being used when a security application notifies a controller within a software- defined network architecture about a specific security threat?
SDN architectureNorthbound APINetwork automation
Question #229
Which type of protection encrypts RSA keys when they are exported and imported?
RSA keyskey managementencryptionexport protection
Question #230Security Concepts
Which attack type attempts to shut down a machine or network so that users are not able to access it?
DoS attacksSmurf attackCybersecurity fundamentals
Question #231
A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability. What is the connection status in both cases?
ASA failoverStateful failoverStateless failoverHigh availability
Question #232
When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN configuration as opposed to DMVPN?
FlexVPNDMVPNVPN designActive/Active VPN
Question #233
What features does Cisco FTDv provide over Cisco ASAv?
Cisco FTDvCisco ASAvURL filteringFirewall capabilities
Question #234
An organization has two systems in their DMZ that have an unencrypted link between them for communication. The organization does not have a defined password policy and uses several...
Weak passwordsBrute-force attacksVulnerability identificationPassword policy
Question #235
Which DoS attack uses fragmented packets in an attempt to crash a target machine?
DoS attackTeardrop attackPacket fragmentation
Question #236Security Concepts
What is a function of 3DES in reference to cryptography?
3DESSymmetric encryptionEncryption algorithms
Question #237Cisco CCNP Security / CyberOps - Implementing and Operating Cisco Security Core Technologies (SCOR): Describe and differentiate IDS/IPS deployment models including routed, passive, passive with ERSPAN, and transparent modes
Drag and Drop Question Drag and drop the deployment models from the left onto the explanations on the right. Answer:
IPS Deployment ModesNetwork Security ArchitectureCisco FirepowerInline vs Passive Monitoring
Question #238
Which risk is created when using an Internet browser to access cloud-based service?
Browser securityWeb protocolsClient-side vulnerabilities
Question #239
A Cisco Secure Email Gateway network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is dis...
Cisco Secure Email GatewayEmail security policyReputation-based filteringSecurity policy troubleshooting
Question #240
An administrator is trying to determine which applications are being used in the network but does not want the network devices to send metadata to Cisco Firepower. Which feature sh...
Firepower Network DiscoveryApplication VisibilityNetwork Inventory
Question #241
Which attack is preventable by Cisco Secure Email Gateway but not by the Cisco WSA?
Cisco SEGCisco WSAPhishing protectionEmail security
Question #242
A Cisco Secure Email Gateway administrator has been tasked with configuring the Cisco Secure Email Gateway to ensure there are no viruses before quarantined emails are delivered. I...
Cisco Secure Email GatewayEmail AntivirusSenderBase Outbreak Filters
Question #243Secure Network Access, Visibility, and Enforcement
Which type of dashboard does Cisco DNA Center provide for complete control of the network?
Cisco DNA CenterNetwork managementCentralized management
Question #244Cloud Security
In an IaaS cloud services model, which security function is the provider responsible for managing?
Cloud shared responsibilityIaaS securityHypervisor security
Question #245ERROR: Official Exam Domains list was not provided in the prompt.
A network engineer has been tasked with adding a new medical device to the network. Cisco ISE is being used as the NAC server, and the new device does not have a supplicant availab...
Cisco ISEMABDevice profilingNAC
Question #246Network Security
An engineer is implementing NTP authentication within their network and has configured both the client and server devices with the command ntp authentication-key 1 md5 Cisc39236827...
NTP authenticationNTP client configurationTime synchronization
Question #247Endpoint Protection and Detection
What is the role of an endpoint in protecting a user from a phishing attack?
Endpoint securityPhishing preventionML threat detection
Question #248Content Security
An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web tra...
Cisco UmbrellaIntelligent ProxyWeb SecurityDNS Security
Question #249
With which components does a southbound API within a software-defined network architecture communicate?
SDN architectureSouthbound APINetwork devices
Question #250
A network administrator needs to find out what assets currently exist on the network. Third-party systems need to be able to feed host data into Cisco Firepower. What must be confi...
Cisco FirepowerNetwork DiscoveryAsset ManagementThird-party Integration
Question #251
When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure w...
Cisco ISAKMPIKEv1IPsec shared keyCisco IOS CLI

PreviousPage 5 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.