Browse Exams Pricing

Exams350-701Questions

350-701 Exam Questions

916 real 350-701 exam questions with expert-verified answers and explanations. Page 9 of 19.

Question #402Threat Intelligence
An administrator enables Cisco Threat Intelligence Director on a Cisco FMC. Which process uses STIX and allows uploads and downloads of block lists?
Cisco Threat Intelligence DirectorSTIXThreat intelligence feedsThreat intelligence consumption
Question #403
Which open standard creates a framework for sharing threat intelligence in a machine-digestible format?
OpenIOC StandardThreat Intelligence SharingCybersecurity Standards
Question #404Network Security
What are two functionalities of SDN Northbound APIs? (Choose two.)
SDNNorthbound APIsSDN architecture
Question #405
What is an advantage of network telemetry over SNMP polls?
Network TelemetrySNMP
Question #406
What are two functions of TAXII in threat intelligence sharing? (Choose two.)
TAXIIThreat Intelligence SharingSTIX
Question #407
A network engineer must migrate a Cisco WSA virtual appliance from one physical host to another physical host by using VMware vMotion. What is a requirement for both physical hosts...
VMware vMotionVirtual appliance migrationCisco WSAVirtualization networking
Question #4085.0 Endpoint Security and Visibility
What is a difference between Cisco AMP for Endpoints and Cisco Umbrella?
Cisco AMP for EndpointsCisco UmbrellaEndpoint SecurityDNS Security
Question #409Access Control and Identity Management
What is the result of the ACME-Router(config)#login block-for 100 attempts 4 within 60 command on a Cisco IOS router?
Cisco IOS securityLogin blockingBrute-force protection
Question #410Securing the Cloud
An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CES addresses. Which DNS record must be modified to acco...
DNSEmail SecurityMail FlowCisco CESOffice 365
Question #411Network Security
What are two functionalities of northbound and southbound APIs within Cisco SDN architecture? (Choose two.)
SDNNorthbound APISouthbound APINetwork Architecture
Question #412Security Policies and Procedures
Refer to the exhibit. Which configuration item makes it possible to have the AAA session on the network?
Cisco AAAAAA authorizationNetwork access
Question #413
Refer to the exhibit. What is the function of the Python script code snippet for the Cisco ASA REST API?
Cisco ASA REST APIPython scriptingFirewall policy configuration
Question #414
An engineer must modify a policy to block specific addresses using Cisco Umbrella. The policy is created already and is actively used by devices, using many of the default policy e...
Cisco UmbrellaUmbrella policiesDestination listsDNS security
Question #415Network Security
An engineer is trying to decide between using L2TP or GRE over IPsec for their site-to-site VPN implementation. What must be understood before choosing a solution?
L2TPGRE over IPsecSite-to-site VPNVPN protocols
Question #416
What is a benefit of using a multifactor authentication strategy?
MFAMulti-factor authenticationIdentity verification
Question #417Secure Network Access, Visibility, and Enforcement
A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest access and must have the guest endpoints redirect to the guest portal for authentication and aut...
Cisco ISECentral Web AuthenticationAuthorization ProfilesGuest Portal
Question #418
Which two solutions help combat social engineering and phishing at the endpoint level? (Choose two.)
Cisco UmbrellaCisco Duo SecurityPhishing protectionSocial engineering protection
Question #419
Which role is a default guest type in Cisco ISE?
Cisco ISEGuest AccessDefault Roles
Question #420Secure Network Access, Visibility, and Enforcement
Which two methods must be used to add switches into the fabric so that administrators can control how switches are added into DCNM for private cloud management? (Choose two.)
DCNMSwitch ProvisioningPrivate Cloud ManagementAuto-provisioning
Question #421Network Security
Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server-2 must communicate with each other, and communicate with default gateway multilayer switc...
Private VLANsPVLAN port typesNetwork segmentationSwitch security
Question #422Content Security
Refer to the exhibit. When creating an access rule for URL filtering, a network engineer adds certain categories and individual URLs to block. What is the result of the configurati...
URL filteringBotnet protectionReputation filteringSecurity policies
Question #423
Why is it important to have a patching strategy for endpoints?
Patch ManagementVulnerability ManagementEndpoint Security
Question #424
An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes preceden...
Cisco Umbrella policiesPolicy precedenceCloud security policies
Question #425
Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access?
Cisco Container PlatformKubernetes deploymentAir-gapped environmentsContainer security
Question #426Network Security
What is the intent of a basic SYN flood attack?
SYN floodDoS attackTCP handshake
Question #427Cloud Security
An engineer configures new features within the Cisco Umbrella dashboard and wants to identify and proxy traffic that is categorized as risky domains and may contain safe and malici...
Cisco UmbrellaIntelligent ProxyWeb securityDomain filtering
Question #428Endpoint Protection and Detection
Which endpoint solution protects a user from a phishing attack?
Phishing protectionEndpoint securityCisco UmbrellaAnyConnect module
Question #429
What must be enabled to secure SaaS-based applications?
SaaS securityTwo-factor authentication
Question #430
Refer to the exhibit. The DHCP snooping database resides on router R1, and dynamic ARP inspection is configured only on switch SW2. Which ports must be configured as untrusted so t...
DHCP snoopingDynamic ARP InspectionLayer 2 securityARP security
Question #431
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
Cisco router securitypassword encryptiondevice hardening
Question #432
Which security solution protects users leveraging DNS-layer security?
DNS securityCisco Umbrella
Question #433Secure Network Access, Visibility, and Enforcement
Which CoA response code is sent if an authorization state is changed successfully on a Cisco IOS device?
CoARADIUSNetwork Access ControlAuthorization Codes
Question #434
Which security solution uses NetFlow to provide visibility across the network, data center, branch offices, and cloud?
NetFlowNetwork visibilityNetwork analyticsCisco Secure Network Analytics
Question #435
How does a WCCP-configured router identify if the Cisco WSA is functional?
WCCPCisco WSAWCCP health check
Question #436
Which solution supports high availability in routed or transparent mode as well as in northbound and southbound deployments?
Cisco FTD high availabilityCisco FMC managementFirepower deployment modes
Question #437Network Security
Which Cisco ASA Platform mode disables the threat detection features except for Advanced Threat Statistics?
Cisco ASAMultiple Context ModeThreat DetectionASA Features
Question #438
Which benefit does DMVPN provide over GETVPN?
DMVPNGETVPNVPN typesVPN comparison
Question #439
An organization has DHCP servers set up to allocate IP addresses to clients on the LAN. What must be done to ensure the LAN switches prevent malicious DHCP traffic while also distr...
DHCP snoopingSwitch securityLayer 2 security
Question #440
Which two parameters are used to prevent a data breach in the cloud? (Choose two.)
Data Breach PreventionUser AuthenticationEncryptionSecurity Controls
Question #441Secure Network Access, Visibility, and Enforcement
Which technology enables integration between Cisco ISE and other platforms to gather and share network and vulnerability data and SIEM and location information?
Cisco ISEpxGridSecurity integration
Question #442Network Security
Which Cisco DNA Center Intent API action is used to retrieve the number of devices known to a DNA Center?
Cisco DNA CenterIntent APIAPI endpointnetwork device count
Question #443
An organization must add new firewalls to its infrastructure and wants to use Cisco ASA or Cisco FTD. The chosen firewalls must provide methods of blocking traffic that include off...
Cisco FTDCisco ASAInteractive blockingBlocking with reset
Question #4442.0 Content Security
An engineer is configuring web filtering for a network using Cisco Umbrella Secure Internet Gateway. The requirement is that all traffic needs to be filtered. Using the SSL decrypt...
Cisco UmbrellaSSL decryptionRoot certificatesWeb filtering
Question #445
An engineer needs to configure an access control policy rule to always send traffic for inspection without using the default action. Which action should be configured for this rule...
Access Control PolicyTraffic InspectionSecurity Policy Actions
Question #446
When NetFlow is applied to an interface, which component creates the flow monitor cache that is used to collect traffic based on the key and nonkey fields in the configured record?
NetFlowflow monitortraffic collection
Question #447
Which encryption algorithm provides highly secure VPN communications?
VPN encryptionEncryption algorithms
Question #448Secure Network Access, Visibility, and Enforcement
An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for...
SNMPv3Network MonitoringCisco ASANetwork Management
Question #449Network Security
Which Cisco ASA deployment model is used to filter traffic between hosts in the same IP subnet using higher-level protocols without readdressing the network?
Cisco ASAASA deployment modesTransparent modeFirewall filtering
Question #450Security Concepts
Which function is performed by certificate authorities but is a limitation of registration authorities?
Certificate AuthorityRegistration AuthorityCRL publishingPKI components
Question #451
Which two functions does the Cisco Advanced Phishing Protection solution perform in trying to protect from phishing attacks? (Choose two.)
Cisco Advanced Phishing ProtectionPhishing defenseEmail security

PreviousPage 9 of 19Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.