Cisco 350-701 Dumps Questions Answers

Cisco 350-701 Dumps

Dumps4download providing 100% reliable Exam dumps that are verified by experts panel. Our Dumps4download 350-701 study material are totally unique and exam questions are valid all over the world. By using our 350-701 dumps we assure you that you will pass your exam on first attempt. You can easily score more than 97%.

100% exam passing Guarantee on your purchased exams.

100% money back guarantee if you will not clear your exam.

Cisco 350-701 Practice Test Helps You Turn Dreams To Reality!

IT Professionals from every sector are looking up certifications to boost their careers. Cisco being the leader certification provider earns the most demand in the industry.

The Cisco Certification is your short-cut to an ever-growing success. In the process, Dumps4download is your strongest coordinator, providing you with the best 350-701 Dumps PDF as well as Online Test Engine. Let’s steer your career to a more stable future with interactive and effective 350-701 Practice Exam Dumps.

Many of our customers are already excelling in their careers after achieving their goals with our help. You can too be a part of that specialized bunch with a little push in the right direction. Let us help you tread the heights of success.

Apply for the 350-701 Exam right away so you can get certified by using our Cisco Dumps.

Bulk Exams Package

Dumps4download Leads You To A 100% Success in First Attempt!

Our 350-701 Dumps PDF is intended to meet the requirements of the most suitable method for exam preparation. We especially hired a team of experts to make sure you get the latest and compliant 350-701 Practice Test Questions Answers. These questions are been selected according to the most relevance as well as the highest possibility of appearing in the exam. So, you can be sure of your success in the first attempt.

Interactive & Effective 350-701 Dumps PDF + Online Test Engine

Aside from our Cisco 350-701 Dumps PDF, we invest in your best practice through Online Test Engine. They are designed to reflect the actual exam format covering each topic of your exam. Also, with our interactive interface focusing on the exam preparation is easier than ever. With an easy-to-understand, interactive and effective study material assisting you there is nothing that could go wrong. We are 100% sure that our 350-701 Questions Answers Practice Exam is the best choice you can make to pass the exam with top score.

How Dumps4download Creates Better Opportunities for You!

Dumps4download knows how hard it is for you to beat this tough Cisco Exam terms and concepts. That is why to ease your preparation we offer the best possible training tactics we know best. Online Test Engine provides you an exam-like environment and PDF helps you take your study guide wherever you are. Best of all, you can download 350-701 Dumps PDF easily or better print it. For the purpose of getting concepts across as easily as possible, we have used simple language. Adding explanations at the end of the 350-701 Questions and Answers Practice Test we ensure nothing slips your grasp.

The exam stimulation is 100 times better than any other test material you would encounter. Besides, if you are troubled with anything concerning Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Exam or the 350-701 Dumps PDF, our 24/7 active team is quick to respond. So, leave us a message and your problem will be solved in a few minutes.

Get an Absolutely Free Demo Today!

Dumps4download offers an absolutely free demo version to test the product with sample features before actually buying it. This shows our concern for your best experience. Once you are thoroughly satisfied with the demo you can get the Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Practice Test Questions instantly.

24/7 Online Support – Anytime, Anywhere

Have a question? You can contact us anytime, anywhere. Our 24/7 Online Support makes sure you have absolutely no problem accessing or using Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Practice Exam Dumps. What’s more, Dumps4download is mobile compatible so you can access the site without having to log in to your Laptop or PC.

Features to use Dumps4download 350-701 Dumps:

• Thousands of satisfied customers.
• Good grades are 100% guaranteed.
• 100% verified by Experts panel.
• Up to date exam data.
• Dumps4download data is 100% trustworthy.
• Passing ratio more than 99%
• 100% money back guarantee.

Cisco 350-701 Frequently Asked Questions

Cisco 350-701 Sample Questions

Question # 1

What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support? 

A. mobile device management 
B. mobile content management 
C. mobile application management 
D. mobile access management

Show Answer

---

Question # 2

Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)

A. flow-export event-type 
B. policy-map 
C. access-list 
D. flow-export template timeout-rate 15 
E. access-group 

Show Answer

---

Question # 3

Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?

A. supports VMware vMotion on VMware ESXi B. requires an additional license C. performs transparent redirection D. supports SSL decryption
A. supports VMware vMotion on VMware ESXi 
B. requires an additional license 
C. performs transparent redirection 
D. supports SSL decryption

Show Answer

---

Question # 4

What is the most commonly used protocol for network telemetry?

A. SMTP 
B. SNMP 
C. TFTP 
D. NctFlow 

Show Answer

---

Question # 5

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

A. Disable the proxy setting on the browser
 B. Disable the HTTPS server and use HTTP instead 
C. Use the Cisco FTD IP address as the proxy server setting on the browser 
D. Enable the HTTPS server for the device platform policy 

Show Answer

---

Question # 6

What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client? 

A. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for Endpoints tracks only URL-based threats. 
B. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity 
C. AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity. 
D. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats. 

Show Answer

---

Question # 7

An engineer is configuring Dropbox integration with Cisco Cloudlock. Which action must be taken before granting API access in the Dropbox admin console? 

A. Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal. 
B. Add Dropbox to the Cisco Cloudlock Authentication and API section in the Cisco Cloudlock portal.
 C. Send an API request to Cisco Cloudlock from Dropbox admin portal. 
D. Add Cisco Cloudlock to the Dropbox admin portal. 

Show Answer

---

Question # 8

Which API method and required attribute are used to add a device into Cisco DNA Center with the native API? 

A. GET and serialNumber
 B. userSudiSerlalNos and deviceInfo 
C. POST and name 
D. lastSyncTime and pid 

Show Answer

---

Question # 9

What does endpoint isolation in Cisco AMP for Endpoints security protect from?

A. an infection spreading across the network E 
B. a malware spreading across the user device 
C. an infection spreading across the LDAP or Active Directory domain from a user account 
D. a malware spreading across the LDAP or Active Directory domain from a user account

Show Answer

---

Question # 10

What are two benefits of using an MDM solution? (Choose two.)

A. grants administrators a way to remotely wipe a lost or stolen device 
B. provides simple and streamlined login experience for multiple applications and users 
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments 
D. encrypts data that is stored on endpoints 
E. allows for centralized management of endpoint device applications and configurations 

Show Answer

---

Question # 11

An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data? 

A. It is included m the license cost for the multi-org console of Cisco Umbrella 
B. It can grant third-party SIEM integrations write access to the S3 bucket
 C. No other applications except Cisco Umbrella can write to the S3 bucket 
D. Data can be stored offline for 30 days. 

Show Answer

---

Question # 12

Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter?

A. Defang 
B. Quarantine
 C. FilterAction 
D. ScreenAction 

Show Answer

---

Question # 13

Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack? 

A. Link Aggregation 
B. Reverse ARP 
C. private VLANs 
D. Dynamic ARP Inspection

Show Answer

---

Question # 14

Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two.)

A. NTLMSSP
 B. Kerberos 
C. CHAP 
D. TACACS+ 
E. RADIUS 

Show Answer

---

Question # 15

Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files?

A. Configure an advanced custom detection list. 
B. Configure an IP Block & Allow custom detection list 
C. Configure an application custom detection list 
D. Configure a simple custom detection list 

Show Answer

---

Question # 16

How does Cisco Workload Optimization portion of the network do EPP solutions solely performance issues?

A. It deploys an AWS Lambda system 
B. It automates resource resizing
 C. It optimizes a flow path 
D. It sets up a workload forensic score

Show Answer

---

Question # 17

Which Cisco Firewall solution requires zone definition? 

A. CBAC
 B. Cisco AMP 
C. ZBFW 
D. Cisco ASA 

Show Answer

---

Question # 18

Which Cisco DNA Center RESTful PNP API adds and claims a device into a workflow?

A. api/v1/fie/config 
B. api/v1/onboarding/pnp-device/import 
C. api/v1/onboarding/pnp-device 
D. api/v1/onboarding/workflow 

Show Answer

---

Question # 19

Which capability is provided by application visibility and control?

A. reputation filtering
B. data obfuscation 
C. data encryption 
D. deep packet inspection 

Show Answer

---

Question # 20

When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources?

A. CDP 
B. NTP 
C. syslog 
D. DNS 

Show Answer

---

Question # 21

What is a benefit of using Cisco Umbrella?

A. DNS queries are resolved faster. 
B. Attacks can be mitigated before the application connection occurs. 
C. Files are scanned for viruses before they are allowed to run.
 D. It prevents malicious inbound traffic. 

Show Answer

---

Question # 22

Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two.)

A. It must include the current date. 
B. It must reside in the trusted store of the WSA. 
C. It must reside in the trusted store of the endpoint. 
D. It must have been signed by an internal CA. 
E. it must contain a SAN. 

Show Answer

---

Question # 23

A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.) 

A. Segment different departments to different IP blocks and enable Dynamic ARp inspection on all VLANs 
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
 C. Ensure that a user cannot enter the network of another department. 
D. Perform a posture check to allow only network access to (hose Windows devices that are already patched. 
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW. ni 

Show Answer

---

Question # 24

Refer to the exhibit When configuring this access control rule in Cisco FMC, what happens with the traffic destined to the DMZjnside zone once the configuration is deployed?

A. All traffic from any zone to the DMZ_inside zone will be permitted with no further inspection 
B. No traffic will be allowed through to the DMZ_inside zone regardless of if it's trusted or not 
C. All traffic from any zone will be allowed to the DMZ_inside zone only after inspection 
D. No traffic will be allowed through to the DMZ_inside zone unless it's already trusted 

Show Answer

---

Question # 25

Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter? 

A. Defang 
B. Quarantine
 C. FilterAction 
D. ScreenAction 

Show Answer

---

Question # 26

What are two workloaded security models? (Choose two)

A. SaaS 
B. IaaS 
C. on-premises 
D. off-premises 
E. PaaS 

Show Answer

---

Question # 27

Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two)

A. posture assessment 
B. aaa authorization exec default local 
C. tacacs-server host 10.1.1.250 key password 
D. aaa server radius dynamic-author 
E. CoA

Show Answer

---

Question # 28

Which open standard creates a framework for sharing threat intelligence in a machinedigestible format? 

A. OpenC2 
B. OpenlOC 
C. CybOX 
D. STIX 

Show Answer

---

Question # 29

What is a characteristic of an EDR solution and not of an EPP solution?

A. stops all ransomware attacks 
B. retrospective analysis 
C. decrypts SSL traffic for better visibility 
D. performs signature-based detection 

Show Answer

---

Question # 30

What is the purpose of the Cisco Endpoint loC feature?

A. It provides stealth threat prevention.
 B. lt is a signature-based engine. 
C. lt is an incident response tool 
D. It provides precompromise detection.

Show Answer

---

Question # 31

An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?

A. EAPOL 
B. SSH 
C. RADIUS 
D. TACACS+ 

Show Answer

---

Question # 32

Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?

A. AAA attributes 
B. CoA request 
C. AV pair 
D. carrier-grade NAT

Show Answer

---

Question # 33

How does Cisco AMP for Endpoints provide next-generation protection? 

A. It encrypts data on user endpoints to protect against ransomware. 
B. It leverages an endpoint protection platform and endpoint detection and response. 
C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers. 
D. It integrates with Cisco FTD devices. 

Show Answer

---

Question # 34

Refer to the exhibit. What is the result of using this authentication protocol in the configuration? 

A. The authentication request contains only a username. 
B. The authentication request contains only a password. 
C. There are separate authentication and authorization request packets. 
D. The authentication and authorization requests are grouped in a single packet. 

Show Answer

---

Question # 35

Refer to the exhibit. What function does the API key perform while working with https://api.amp.cisco.com/v1/computers? 

A. imports requests 
B. HTTP authorization 
C. HTTP authentication 
D. plays dent ID 

Show Answer

---

Question # 36

Which two capabilities does an MDM provide? (Choose two.)

A. delivery of network malware reports to an inbox in a schedule 
B. unified management of mobile devices, Macs, and PCs from a centralized dashboard 
C. enforcement of device security policies from a centralized dashboard 
D. manual identification and classification of client devices 
E. unified management of Android and Apple devices from a centralized dashboard 

Show Answer

---

Question # 37

What are two benefits of using Cisco Duo as an MFA solution? (Choose two.) 

A. grants administrators a way to remotely wipe a lost or stolen device 
B. provides simple and streamlined login experience for multiple applications and users 
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments
 D. encrypts data that is stored on endpoints
 E. allows for centralized management of endpoint device applications and configurations 

Show Answer

---

Question # 38

Which security solution is used for posture assessment of the endpoints in a BYOD solution?

A. Cisco FTD 
B. Cisco ASA 
C. Cisco Umbrella 
D. Cisco ISE

Show Answer

---

Question # 39

Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server-2 must communicate with each other, and all servers must communicate with default gateway multilayer switch. Which type of private VLAN ports should be configured to prevent communication between DNS servers and the file server?

A. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as isolated port, and GigabitEthernet0/3 and GigabitEthernet0/4 as promiscuous ports. 
B. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as promiscuous port, Gigabit Ethernet0/3 and GigabitEthernet0/4 as isolated ports C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as isolated port and GigabitEthernet0/3 and GrgabitEthernet0/4 as community ports 
C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as community port, and GigabitEthernet0/3 and GrgabitEthernet0/4 as isolated ports. 

Show Answer

---

Question # 40

What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.) 

A. REST uses methods such as GET, PUT, POST, and DELETE. 
B. REST codes can be compiled with any programming language. 
C. REST is a Linux platform-based architecture. 
D. The POST action replaces existing data at the URL path. 
E. REST uses HTTP to send a request to a web service. 

Show Answer

---

Question # 41

Which command is used to log all events to a destination colector 209.165.201.107?

A. CiscoASA(config-pmap-c)#flow-export event-type flow-update destination 209.165.201.10 
B. CiscoASA(config-cmap)# flow-export event-type all destination 209.165.201. 
C. CiscoASA(config-pmap-c)#flow-export event-type all destination 209.165.201.10 
D. CiscoASA(config-cmap)#flow-export event-type flow-update destination 209.165.201.10 

Show Answer

---

Question # 42

Which open standard creates a framework for sharing threat intelligence in a machinedigestible format?

A. OpenC2 
B. OpenlOC 
C. CybOX 
D. STIX 

Show Answer

---

Question # 43

During a recent security audit a Cisco IOS router with a working IPSEC configuration using IKEv1 was flagged for using a wildcard mask with the crypto isakmp key command The VPN peer is a SOHO router with a dynamically assigned IP address Dynamic DNS has been configured on the SOHO router to map the dynamic IP address to the host name of vpn sohoroutercompany.com In addition to the command crypto isakmp key Cisc425007536 hostname vpn.sohoroutercompany.com what other two commands are now required on the Cisco IOS router for the VPN to continue to function after the wildcard command is removed? (Choose two)

A. ip host vpn.sohoroutercompany.eom 
B. crypto isakmp identity hostname 
C. Add the dynamic keyword to the existing crypto map command 
D. fqdn vpn.sohoroutercompany.com 
E. ip name-server 

Show Answer

---

Question # 44

What is the process In DevSecOps where all changes In the central code repository are merged and synchronized?

A. CD 
B. EP 
C. CI 
D. QA 

Show Answer

---

Question # 45

Which algorithm is an NGE hash function?

A. HMAC 
B. SHA-1 
C. MD5 
D. SISHA-2

Show Answer

---

Question # 46

Which function is performed by certificate authorities but is a limitation of registration authorities?

A. accepts enrollment requests 
B. certificate re-enrollment 
C. verifying user identity 
D. CRL publishing 

Show Answer

---

Question # 47

What is the purpose of a NetFlow version 9 template record?

A. It specifies the data format of NetFlow processes. 
B. It provides a standardized set of information about an IP flow. 
C. lt defines the format of data records. 
D. It serves as a unique identification number to distinguish individual data records

Show Answer

---

Question # 48

What is the term for the concept of limiting communication between applications or containers on the same node?

A. container orchestration 
B. software-defined access 
C. microservicing 
D. microsegmentation 

Show Answer

---

Question # 49

Which Cisco security solution stops exfiltration using HTTPS?

A. Cisco FTD 
B. Cisco AnyConnect 
C. Cisco CTA 
D. Cisco ASA 

Show Answer

---

Question # 50

A company identified a phishing vulnerability during a pentest What are two ways the company can protect employees from the attack? (Choose two.) 

A. using Cisco Umbrella
 B. using Cisco ESA 
C. using Cisco FTD 
D. using an inline IPS/IDS in the network 
E. using Cisco ISE 

Show Answer

---

Question # 51

An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this? 

A. Advanced Custom Detection 
B. Blocked Application 
C. Isolation 
D. Simple Custom Detection 

Show Answer

---

Question # 52

Which Cisco solution integrates Encrypted Traffic Analytics to perform enhanced visibility,promote compliance,shorten response times, and provide administrators with the information needed to provide educated and automated decisions to secure the environment?

A. Cisco DNA Center 
B. Cisco SDN 
C. Cisco ISE 
D. Cisco Security Compiance Solution 

Show Answer

---

Question # 53

Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls? 

A. NTP 
B. syslog 
C. SNMP 
D. NetFlow

Show Answer

---

Question # 54

An engineer musí set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?

A. sticky 
B. static 
C. aging
 D. maximum 

Show Answer

---

Question # 55

What is a function of Cisco AMP for Endpoints? 

A. It detects DNS attacks 
B. It protects against web-based attacks 
C. It blocks email-based attacks 
D. It automates threat responses of an infected host 

Show Answer

---

Question # 56

Which feature requires that network telemetry be enabled?

A. per-interface stats
 B. SNMP trap notification 
C. Layer 2 device discovery 
D. central syslog system 

Show Answer

---

Question # 57

An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Clsc427128380. There are two routers on the network that are configured as NTP servers for redundancy, 192.168.1.110 and 192.168.1.111. 192.168.1.110 is configured as the authoritative time source. What command must be configured on the new router to use 192.168.1.110 as its primary time source without the new router attempting to offer time to existing devices?

A. ntp server 192.168.1.110 primary key 1 
B. ntp peer 192.168.1.110 prefer key 1 
C. ntp server 192.168.1.110 key 1 prefer 
D. ntp peer 192.168.1.110 key 1 primary

Show Answer

---

Question # 58

DoS attacks are categorized as what?

 A. phishing attacks 
B. flood attacks 
C. virus attacks 
D. trojan attacks

Show Answer

---

Question # 59

Which ESA implementation method segregates inbound and outbound email?

A. one listener on a single physical Interface 
B. pair of logical listeners on a single physical interface with two unique logical IPv4 addresses and one IPv6 address 
C. pair of logical IPv4 listeners and a pair Of IPv6 listeners on two physically separate interfaces 
D. one listener on one logical IPv4 address on a single logical interface 

Show Answer

---

Question # 60

DoS attacks are categorized as what?

A. phishing attacks 
B. flood attacks 
C. virus attacks 
D. trojan attacks 

Show Answer

---

Question # 61

Which feature does the laaS model provide?

A. granular control of data
 B. dedicated, restricted workstations 
C. automatic updates and patching of software
 D. software-defined network segmentation 

Show Answer

---

Question # 62

Which threat intelligence standard contains malware hashes?

A. structured threat information expression 
B. advanced persistent threat 
C. trusted automated exchange or indicator information 
D. open command and control

Show Answer

---

Question # 63

An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE Which action accomplishes this task?

A. Define MAC-to-lP address mappings in the switch to ensure that rogue devices cannot get an IP address 
B. Use DHCP option 82 to ensure that the request is from a legitimate endpoint and send the information to Cisco ISE 
C. Modify the DHCP relay and point the IP address to Cisco ISE. 
D. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces 

Show Answer

---

Question # 64

An engineer recently completed the system setup on a Cisco WSA Which URL information does the system send to SensorBase Network servers?

A. Summarized server-name information and MD5-hashed path information 
B. complete URL,without obfuscating the path segments 
C. URL information collected from clients that connect to the Cisco WSA using Cisco AnyConnect 
D. none because SensorBase Network Participation is disabled by default 

Show Answer

---

Question # 65

What is a benefit of using GET VPN over FlexVPN within a VPN deployment? 

A. GET VPN supports Remote Access VPNs 
B. GET VPN natively supports MPLS and private IP networks 
C. GET VPN uses multiple security associations for connections 
D. GET VPN interoperates with non-Cisco devices

Show Answer

---

Question # 66

Why should organizations migrate to a multifactor authentication strategy? 

A. Multifactor authentication methods of authentication are never compromised 
B. Biometrics authentication leads to the need for multifactor authentication due to its ability to be hacked easily 
C. Multifactor authentication does not require any piece of evidence for an authentication mechanism 
D. Single methods of authentication can be compromised more easily than multifactor authentication 

Show Answer

---

Question # 67

Which API method and required attribute are used to add a device into DNAC with the native API?

A. lastSyncTime and pid 
B. POST and name 
C. userSudiSerialNos and devicelnfo 
D. GET and serialNumber 

Show Answer

---

Question # 68

What is the difference between EPP and EDR?

A. EPP focuses primarily on threats that have evaded front-line defenses that entered the environment. 
B. Having an EPP solution allows an engineer to detect, investigate, and remediate modern threats. 
C. EDR focuses solely on prevention at the perimeter. 
D. Having an EDR solution gives an engineer the capability to flag offending files at the first sign of malicious behavior. 

Show Answer

---

Question # 69

What is a benefit of flexible NetFlow records?

A. They are used for security 
B. They are used for accounting 
C. They monitor a packet from Layer 2 to Layer 5 
D. They have customized traffic identification 

Show Answer

---

Question # 70

Which feature must be configured before implementing NetFlow on a router? 

A. SNMPv3 
B. syslog 
C. VRF
 D. IP routing 

Show Answer

---

Question # 71

A company recently discovered an attack propagating throughout their Windows network via a file named abc428565580xyz exe The malicious file was uploaded to a Simple Custom Detection list in the AMP for Endpoints Portal and the currently applied policy for the Windows clients was updated to reference the detection list Verification testing scans on known infected systems shows that AMP for Endpoints is not detecting the presence of this file as an indicator of compromise What must be performed to ensure detection of the malicious file?

A. Upload the malicious file to the Blocked Application Control List 
B. Use an Advanced Custom Detection List instead of a Simple Custom Detection List 
C. Check the box in the policy configuration to send the file to Cisco Threat Grid for dynamic analysis 
D. Upload the SHA-256 hash for the file to the Simple Custom Detection List

Show Answer

---

Testimonials

Write a review

Name *

Email *

Review *

Submit