Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 6 of 19.

Question #252
Which suspicious pattern enables the Cisco Secure Workload platform to learn the normal behavior of users?
Cisco Secure WorkloadUser behavior analyticsAnomaly detectionThreat detection patterns
Question #253Network Security
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps. Which two actions must be taken to ensure that interfaces are put ba...
Cisco error-disableInterface recoveryPort troubleshootingTraffic storm protection
Question #254Threats and Vulnerabilities
What is the difference between Cross-site Scripting and SQL Injection attacks?
Cross-site ScriptingSQL InjectionWeb application security
Question #255Secure Network Access, Visibility, and Enforcement
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing authentication and is unable to access the network. Where should the administrat...
Cisco ISE802.1X authenticationAuthentication troubleshootingRADIUS logs
Question #256Secure Network Access, Visibility, and Enforcement
What is a prerequisite when integrating a Cisco ISE server and an AD domain?
Cisco ISEActive Directory integrationTime synchronization
Question #257
An organization recently installed a Cisco Secure Web Appliance and would like to take advantage of the AVC engine to allow the organization to create a policy to control applicati...
Cisco SWAAVC engineApplication ControlAccess Policy Groups
Question #258
Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to network resources?
BYOD onboardingCertificate deploymentSupplicant configurationNetwork access control
Question #259Security Automation and Orchestration
Refer to the exhibit. What will happen when this Python script is run?
Python scriptingCisco AMP APISecurity automation
Question #260
An organization is trying to implement micro-segmentation on the network and wants to be able to gain visibility on the applications within the network. The solution must be able t...
Cisco TetrationMicro-segmentationApplication visibilityCompliance enforcement
Question #261Cloud Security
Which factor must be considered when choosing the on-premise solution over the cloud-based one?
On-premise deploymentCloud deploymentInfrastructure responsibility
Question #262
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
Cisco FirepowerThreat IntelligenceCisco Talos
Question #263
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, w...
Cisco Stealthwatch CloudOn-premise data collectionStealthwatch Cloud sensor deployment
Question #264Endpoint Protection and Detection
What does Cisco AMP for Endpoints use to help an organization detect different families of malware?
Cisco AMP for EndpointsMalware detectionEthos EngineEndpoint security
Question #265
What are two characteristics of Cisco Catalyst Center APIs? (Choose two.)
Cisco Catalyst CenterAPI characteristicsNetwork automationNetwork monitoring
Question #266Endpoint Security and Visibility
What is a benefit of conducting device compliance checks?
Device complianceEndpoint securitySecurity posture
Question #267Endpoint Security and Access
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
Cisco Easy ConnectCisco TrustSecSecurity Group TagsNetwork Access Control
Question #268
A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface. How does the switch behave in this situation?
Dynamic ARP InspectionARP securityTrusted interfaceLayer 2 security
Question #269Network Security
An administrator is configuring a DHCP server to better secure their environment. They need to be able to rate-limit the traffic and ensure that legitimate requests are not dropped...
DHCP securityDHCP snoopingTrusted interface
Question #270Automation and Programmability
Refer to the exhibit. What will happen when the Python script is executed?
Python scriptingNetwork programmabilityHostname retrieval
Question #271MISSING: Official Exam Domains list not provided
Refer to the exhibit. When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism...
Cisco ASA VPNAAA AuthenticationToken Authentication
Question #272Cloud Security
An engineer has been tasked with implementing a solution that can be leveraged for securing the cloud users, data, and applications. There is a requirement to use the Cisco cloud n...
Cisco CloudlockCASBCloud Security
Question #273Cloud Security
An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API. Which solution should be used t...
Cloud SecuritySecurity MonitoringCisco CloudlockCASB
Question #274Identity and Access Management
Why is it important to implement MFA inside of an organization?
Multi-Factor AuthenticationAuthentication SecurityBrute Force Protection
Question #275
A network administrator is configuring SNMPv3 on a new router. The users have already been created; however, an additional configuration is needed to facilitate access to the SNMP...
SNMPv3 configurationSNMP viewsSNMP user mapping
Question #276Network Security
An organization is using Cisco Firepower and Cisco Meraki MX for network security and needs to centrally manage cloud policies across these platforms. Which software should be used...
Cisco FirepowerCisco Meraki MXCentralized managementCisco Defense Orchestrator
Question #277Network Security
An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization needs to ensure that the ISAKMP key on the hub is used only for terminati...
Site-to-site VPNISAKMPPre-shared keyCisco IOS configuration
Question #278Network Management and Monitoring - Understanding NetFlow versions, their capabilities, and use cases for traffic visibility and performance analysis (relevant to CCNP Enterprise, CCNA, and network management certifications)
Drag and Drop Question Drag and drop the NetFlow export formats from the left onto the descriptions on the right. Answer:
NetFlowNetwork MonitoringTraffic AnalysisExport Formats
Question #279Note: The question is incomplete as the benefit descriptions (right-side items) are not provided in the source data, making it impossible to fully validate specific pairings. Based on available information, this question tests knowledge of Cisco security product differentiation, typically falling under the CCNA Security, CCNP Security, or CyberOps Associate domain: 'Security Concepts and Network Security Solutions' - specifically identifying the distinct capabilities of Cisco Stealthwatch (behavioral analytics/threat detection), Cisco ISE (identity and access policy), Cisco TrustSec (segmentation/SGT enforcement), and Cisco Umbrella (DNS-layer/cloud-delivered security).
Drag and Drop Question Drag and drop the solutions from the left onto the solution's benefits on the right. Answer:
Cisco Security PortfolioNetwork Security SolutionsZero TrustThreat Detection
Question #280Network Security
Refer to the exhibit. An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMG. The Cisco FTD is not behind a NAT device. Which comm...
Cisco FTDCisco FMCDevice RegistrationCLI Configuration
Question #281
An organization has a Cisco Secure Email Gateway set up with policies and would like to customize the action assigned for violations. The organization wants a copy of the message t...
Cisco Secure Email GatewayDLP policiesEmail message actions
Question #282
Where are individual sites specified to be black listed in Cisco Umbrella?
Cisco Umbrellasite blacklistingdestination lists
Question #283CompTIA Security+ / Network+ - Threats, Attacks, and Vulnerabilities: Identify types of malware, social engineering attacks, and common cybersecurity threats
Drag and Drop Question Drag and drop the common security threats from the left onto the definitions on the right. Answer:
security threatsmalwaresocial engineeringnetwork security
Question #284
What is the purpose of a Netflow version 9 template record?
NetflowNetflow v9 templates
Question #285
What is the purpose of CA in a PKI?
PKICertificate AuthorityDigital certificatesCertificate issuance
Question #286
When choosing an algorithm to us what should be considered about Diffie Hellman and RSA for key establishment?
Diffie-HellmanRSAKey exchangeAsymmetric encryption
Question #287Security Concepts
Which category includes Dos Attacks?
DoS attacksDenial of ServiceFlood attacksAttack types
Question #288Visibility and Enforcement
Which service allows a user export application usage and performance statistics with Cisco Application Visibility and control?
Cisco AVCNetFlownetwork monitoringapplication performance
Question #289Secure Network Access, Visibility, and Enforcement
Which kind of API that is used with Cisco DNA Center provisions SSIDs, Qos policies, and update software versions on switches?
Cisco DNA CenterIntent APINetwork automationSDN
Question #290Secure Network Access, Visibility, and Enforcement
Which parameter is required when configuring a Netflow exporter on a Cisco Router?
Netflow exporterCisco Router configNetflow configuration parameters
Question #291
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two.)
Cisco AnyConnectDMVPNRemote Access VPNVPN Access Control
Question #292Secure Connectivity
A network engineer needs to select a VPN type that provides the most stringent security, multiple security associations for the connections, and efficient VPN establishment with th...
FlexVPNDMVPNSecurity AssociationsIKEv2
Question #293
Which algorithm is an NGE hash function?
NGEHash algorithmsSHA-2
Question #294Network Security
What is a capability of Cisco ASA Netflow?
Cisco ASANetFlowNSELSecurity Event Logging
Question #295
Which type of encryption uses a public key and private Key?
Asymmetric encryptionCryptography basics
Question #296
What are two Trojan malware attacks? (Choose two)
TrojanRootkitBackdoorMalware
Question #297
Which two capabilities of Integration APIs are utilized with Cisco Catalyst Center? (Choose two.)
Cisco Catalyst CenterIntegration APIsNetwork MonitoringITSM Integration
Question #298
An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK and sequence. Which protocol accomplishes this goal?
IPsec VPNESP protocolVPN authenticationAnti-replay protection
Question #299Secure Network Access, Visibility, and Enforcement
What are two features of NetFlow flow monitoring? (Choose two.)
NetFlowFlow monitoringTraffic analysis
Question #300
Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?
IPsecESPNetwork SecurityCryptography
Question #301Secure Network Access, Visibility, and Enforcement
What is a benefit of performing device compliance?
Device compliancePatch managementEndpoint securityNetwork Access Control

PreviousPage 6 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.