350-701 Exam Questions
916 real 350-701 exam questions with expert-verified answers and explanations. Page 7 of 19.
- Question #302
What is the role of Cisco Umbrella Roaming when it is installed on an endpoint?
Cisco UmbrellaEndpoint SecurityDNS securityRoaming security - Question #303Endpoint Security and Secure Network Access
A company discovered an attack propagating through their network via a file. A custom file policy was created in order to track this in the future and ensure no other endpoints exe...
File hash detectionSecurity file policiesMalware prevention - Question #304Secure Network Access, Visibility, and Enforcement
A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis. Wha...
Cisco Stealthwatch CloudStealthwatch PNM sensorNetwork monitoringFlow data collection - Question #305Threats and Vulnerabilities
What is a difference between a DoS attack and DDos attack?
DoS attackDDoS attack - Question #306Network Security
An engineer has been tasked with configuring a Cisco FTD to analyze protocol fields and detect anomalies in the traffic from industrial systems. What must be done to meet these req...
Cisco FTDICS/SCADA securityProtocol anomaly detectionDNP3 preprocessor - Question #307
What is the benefit of integrating cisco ISE with a MDM solution?
Cisco ISEMDM integrationNetwork Access ControlEndpoint compliance - Question #308
Refer to the exhibit. A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced....
NTP authenticationNTP configurationTime synchronization - Question #309
Which posture assessment requirement provides options to the client for remediation and requires the remediation within a certain timeframe?
Posture assessmentMandatory remediationNetwork Access Control - Question #310Secure Network Access, Visibility, and Enforcement
An administrator configures new authorization policies within Cisco ISE and has difficulty profiling the devices. Attributes for the new Cisco IP phones that are profiled based on...
Cisco ISE profilingDevice sensorCDP attributesDHCP attributes - Question #311Network Security
What is a functional difference between a Cisco ASA and Cisco IOS router with Zone-Based Policy Firewall?
Cisco ASAZBFWFirewall default policiesNetwork security appliances - Question #312Network Security
A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organization to allow for additional protocols to terminate network devices with. They currently...
Cisco FTDIKEv2 policyVPN ConfigurationPolicy Priority - Question #313
Which cloud model is a collaborative effort where infrastructure is shared and jointly accessed by several organizations from a specific group?
Cloud modelsCommunity cloudCloud computing concepts - Question #314Content Security
A customer has various external HTTP resources available including Intranet Extranet and Internet, with a proxy configuration running in explicit mode. Which method allows the clie...
Proxy configurationExplicit proxyPAC fileBrowser configuration - Question #315Network Security
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management port conflicts with other communications on the network and must be changed. W...
Cisco FMCCisco FTDManagement portDevice communication - Question #316
Refer to the exhibit. What does the Python script accomplish?
Cisco ISEPython scriptingERS APIAPI authentication - Question #317Cloud Security
Which component of cisco umbrella architecture increases reliability of the service?
Cisco Umbrella architectureDNS securityService reliabilityAnycast - Question #318
An organization wants to use Cisco FTD or Cisco ASA devices Specific URLs must be blocked from being accessed via the firewall, which requires that the administrator input the bad...
Cisco FTDCisco ASAURL FilteringAccess Control Policy - Question #319
Which type of DNS abuse exchanges data between two computers even when there is no direct connection?
DNS abuseData exfiltrationDNS tunneling - Question #320
Which DevSecOps implementation process gives a weekly or daily update instead of monthly or quarterly in the applications?
CI/CD pipelineDevSecOpsContinuous Delivery - Question #321Network Security
An organization deploys multiple Cisco FTD appliances and wants to manage them using one centralized solution. The organization does not have a local VM but does have existing Cisc...
Cisco FTD ManagementCisco FMCASA to FTD Migration - Question #322Content Security
An administrator configures a Cisco WSA to receive redirected traffic over ports 80 and 443. The organization requires that a network device with specific WSA integration capabilit...
Cisco WSAWCCPTransparent ProxyWeb Proxy Configuration - Question #323
An organization configures Cisco Umbrella to be used for its DNS services. The organization must be able to block traffic based on the subnet that the endpoint is on, but sees only...
Cisco UmbrellaDNS securityInternal IP visibilityUmbrella VA - Question #324
An organization wants to secure data in a cloud environment. Its security model requires that all users be authenticated and authorized. Security configuration and posture must be...
MicrosegmentationZero TrustNetwork SegmentationApplication Control - Question #325
An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data?
Cisco UmbrellaAWS S3Cloud LoggingSIEM Integration - Question #326
How does Cisco Workload Optimization Manager help mitigate application performance issues?
Cisco Workload Optimization ManagerWorkload OptimizationApplication Performance ManagementResource Automation - Question #327Content Security
An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with the configuration. The simple detection mechanism is configured, but the dashboard i...
Cisco AMPDetection policiesFile hashesSHA-256 - Question #328
What is a benefit of using telemetry over SNMP to configure new routers for monitoring purposes?
Network TelemetrySNMPNetwork Monitoring - Question #329
An organization wants to provide visibility and to identify active threats in its network using a VM. The organization wants to extract metadata from network packet flow while ensu...
Network visibilityThreat identificationPacket metadataCisco Stealthwatch Cloud - Question #330
What is a difference between GETVPN and iPsec?
GETVPNIPsecMPLS - Question #331Content Security
An administrator configures a new destination list in Cisco Umbrella so that the organization can block specific domains for its devices. What should be done to ensure that all sub...
Cisco UmbrellaDestination listsDomain blockingSubdomain handling - Question #332Cloud Security
An organization wants to secure users, data, and applications in the cloud. The solution must be API-based on operate as a cloud-native CASB. Which solution must be used for this i...
CASBCloud SecurityCisco CloudlockAPI Security - Question #333Configure and verify network access policies
Which attribute has the ability to change during the RADIUS CoA?
RADIUS CoAAuthorizationNetwork Access Control - Question #334
What is a difference between an XSS attack and an SQL injection attack?
XSS attackSQL injection attackWeb application securityVulnerability types - Question #335Secure Network Access, Visibility, and Enforcement
Which VMware platform does Cisco ACI integrate with to provide enhanced visibility, provide policy integration and deployment, and implement security policies with access lists?
Cisco ACIVMware integrationPolicy managementNetwork security - Question #336Content Security
Refer to the exhibit. How does Cisco Umbrella manage traffic that is directed toward risky domains?
Cisco UmbrellaDNS securitythreat blockingrisky domains - Question #337Cloud Security Assessment and Risk Management - understanding the distinct purposes and scopes of various cloud security evaluation methodologies, commonly aligned with certifications such as CCSP, CCSK, or vendor-specific cloud security frameworks (e.g., AWS/Azure/GCP security specializations).
Drag and Drop Question Drag and Drop the cloud security assessment components from the left onto the definitions on the right. Answer:
Cloud SecuritySecurity AssessmentsUEBACloud Architecture - Question #338Secure Network Access, Visibility, and Enforcement
Refer to the exhibit. A Cisco ISE administrator adds a new switch to an 802. 1X deployment and has difficulty with some endpoints gaining access. Most PCs and IP phones can connect...
Cisco ISE802.1XMAC Authentication Bypass - Question #339Secure Network Access, Visibility, and Enforcement
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE bu...
AAARADIUS configurationCisco ISENetwork Access Control - Question #340
An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Cl...
Cisco NTPNTP authenticationNTP client modeNTP server preference - Question #341Endpoint Security
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
Cisco AMPEndpoint isolationThreat containment - Question #342
Which system facilitates deploying microsegmentation and multi-tenancy services with a policy- based container?
ContivMicrosegmentationContainer networkingMulti-tenancy - Question #343Endpoint Security
Which feature is leveraged by advanced antimalware capabilities to be an effective endpomt protection platform?
AntimalwareEndpoint ProtectionSandboxing - Question #344Cloud Security
An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed withou...
Cisco Stealthwatch CloudAWS Security MonitoringThreat DetectionVPC Flow Logs - Question #345
What is the difference between a vulnerability and an exploit?
VulnerabilityExploitSecurity Concepts - Question #346
Cisco SensorBase gathers threat information from a variety of Cisco products and services and performs analytics to find pattern on threats. Which term describes this process?
Cisco SensorBaseThreat intelligenceSecurity analyticsThreat sharing - Question #347
An engineer is configuring their router to send NetfFow data to Stealthwatch which has an IP address of 1.1.1.1 using the flow record Stealthwatch406143794 command. Which additiona...
NetFlow configurationCisco router commandsFlow record - Question #348Network Security
Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnera...
Cisco TetrationData Center SecurityBehavioral AnalyticsVulnerability Detection - Question #349Network Security
How is data sent out to the attacker during a DNS tunneling attack?
DNS tunnelingData exfiltrationCommand and Control (C2)Network attacks - Question #350Secure Network Access
An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into networ...
Cisco DUOCisco ISETACACS+MFA integration - Question #351
A Cisco AMP for Endpoints administrator configures a custom detection policy to add specific MD5 signatures. The configuration is created in the simple detection policy section, bu...
Cisco AMP for EndpointsCustom detection policiesMD5 signaturesSecurity policy configuration