350-701 Exam Questions

An organization is selecting a cloud architecture and does not want to be responsible for patch management of the operating systems. Why should the organization select either Platf...

An administrator is adding a new Cisco ISE node to an existing deployment. What must be done to ensure that the addition of the node will be successful when inputting the FQDN?

Refer to the exhibit. What will occur when this device tries to connect to the port?

A network engineer must configure a Cisco Secure Email Gateway to prompt users to enter two forms of information before gaining access. The Secure Email Gateway must also join a cl...

Which portion of the network do EPP solutions solely focus on and EDR solutions do not?

Refer to the exhibit. An engineer is implementing a certificate based VPN. What is the result of the existing configuration?

What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?

What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?

An organization has a requirement to collect full metadata information about the traffic going through their AWS cloud services. They want to use this information for behavior anal...

What is the function of the crypto isakmp key cisc123456789 address 192.168.50.1 255.255.255.255 command when establishing an IPsec VPN tunnel?

An organization wants to improve its cybersecurity processes and to add intelligence to its data. The organization wants to utilize the most current intelligence data for URL filte...

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address Error! Hyperlink reference not...

Refer to the exhibit. Consider that any feature of DNS requests, such as the length of the domain name and the number of subdomains, can be used to construct models of expected beh...

An engineer needs to add protection for data in transit and have headers in the email message. Which configuration is needed to accomplish this goal?

How does a cloud access security broker function?

An engineer integrates Cisco FMC and Cisco ISE using pxGrid. Which role is assigned for Cisco FMC?

Which configuration method provides the options to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each othe...

Drag and Drop Question Drag and drop the security solutions from the left onto the benefits they provide on the right. Answer:

Which statement describes a serverless application?

Which baseline form of telemetry is recommended for network infrastructure devices?

In which scenario is endpoint-based security the solution?

Refer to the exhibit. What is the result of the Python script?

Why is it important to patch endpoints consistently?

An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goa...

What is the purpose of joining Cisco WSAs to an appliance group?

Why should organizations migrate to an MFA strategy for authentication?

Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization?

For which type of attack is multifactor authentication an effective deterrent?

Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS?

Which Cisco security solution determines if an endpoint has the latest OS updates and patches installed on the system?

Using Cisco Cognitive Threat Analytics, which platform automatically blocks risky sites, and test unknown sites for hidden advanced threats before allowing users to click them?

What are two things to consider when using PAC files with the Cisco WSA? (Choose two.)

What is a description of microsegmentation?

Which Cisco WSA feature supports access control using URL categories?

Which technology limits communication between nodes on the same network segment to individual applications?

Which IETF attribute is supported for the RADIUS CoA feature?

When a transparent authentication fails on the Web Security Appliance, which type of access does the end user get?

What are two ways that Cisco Container Platform provides value to customers who utilize cloud service providers? (Choose two.)

Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats?

Which two actions does the Cisco Identity Services Engine posture module provide that ensures endpoint security? (Choose two.)

What is an advantage of the Cisco Umbrella roaming client?

Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without th...

Which two Cisco ISE components must be configured for BYOD? (Choose two.)

What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.)

Which two parameters are used for device compliance checks? (Choose two.)

Drag and Drop Question Drag and drop the posture assessment flow actions from the left into a sequence on the right. Answer:

Which system performs compliance checks and remote wiping?

An engineer is configuring Cisco Secure Email Gateway and needs to enable a separated email transfer flow from the Internet and from the LAN. Which deployment mode must be used to...

A network engineer is tasked with configuring a Cisco ISE server to implement external authentication against Active Directory. What must be considered about the authentication req...

Which method of attack is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim's web browser executes the code?