[Q162-Q182] Updated Jan-2024 Exam Engine or PDF for the 350-701 Tests Free Updated Today!

Ultimate Guide to Prepare 350-701 with Accurate PDF Questions

NEW QUESTION # 162
Which two capabilities does TAXII support? (Choose two)

  • A. Mitigating
  • B. Binding
  • C. Pull messaging
  • D. Exchange
  • E. Correlation

Answer: C,D

Explanation:
The Trusted Automated eXchange of Indicator Information (TAXII) specifies mechanisms for exchanging structured cyber threat information between parties over the network.
TAXII exists to provide specific capabilities to those interested in sharing structured cyber threat information.
TAXII Capabilities are the highest level at which TAXII actions can be described. There are three capabilities that this version of TAXII supports: push messaging, pull messaging, and discovery.
Although there is no "binding" capability in the list, it is the best answer here.


NEW QUESTION # 163
Which two fields are defined in the NetFlow flow? (Choose two.)

  • A. class of service bits
  • B. output logical interface
  • C. type of service byte
  • D. destination port
  • E. Layer 4 protocol type

Answer: C,D



NEW QUESTION # 164
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose two)

  • A. monitor
  • B. allow
  • C. permit
  • D. trust
  • E. reset

Answer: A,D

Explanation:
Each rule also has an action, which determines whether you monitor, trust, block, or allow matching traffic.
Note: With action "trust", Firepower does not do any more inspection on the traffic. There will be no intrusion protection and also no file-policy on this traffic.


NEW QUESTION # 165
Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  • A. IPv6
  • B. multiple context mode
  • C. user deployment of Layer 3 networks
  • D. clustering

Answer: C


NEW QUESTION # 166
Based on the NIST 800-145 guide, which cloud architecture may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises?

  • A. public cloud
  • B. hybrid cloud
  • C. private cloud
  • D. community cloud

Answer: D


NEW QUESTION # 167
A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest access and must have the guest endpoints redirect to the guest portal for authentication and authorization. While testing the policy, the engineer notices that the device is not redirected and instead gets full guest access. What must be done for the redirect to work?

  • A. Use the track movement option within the authorization profile for the authorization policy line that the unauthenticated devices hit.
  • B. Create an advanced attribute setting of Cisco:cisco-gateway-id=guest within the authorization profile for the authorization policy line that the unauthenticated devices hit.
  • C. Add the DACL name for the Airespace ACL configured on the WLC in the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit.
  • D. Tag the guest portal in the CWA part of the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit.

Answer: B


NEW QUESTION # 168
What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?

  • A. SMTP
  • B. STIX
  • C. pxGrid
  • D. XMPP

Answer: B

Explanation:
TAXII (Trusted Automated Exchange of Indicator Information) is a standard that provides a transport


NEW QUESTION # 169
What is the primary difference between an Endpoint Protection Platform and an Endpoint Detection and Response?

  • A. EPP focuses on network security, and EDR focuses on device security.
  • B. EDR focuses on prevention, and EPP focuses on advanced threats that evade perimeter defenses.
  • C. EDR focuses on network security, and EPP focuses on device security.
  • D. EPP focuses on prevention, and EDR focuses on advanced threats that evade perimeter defenses.

Answer: D


NEW QUESTION # 170
What is the function of SDN southbound API protocols?

  • A. to allow for the dynamic configuration of control plane applications
  • B. to enable the controller to use REST
  • C. to enable the controller to make changes
  • D. to allow for the static configuration of control plane applications

Answer: C



NEW QUESTION # 171
What is a characteristic of traffic storm control behavior?

  • A. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast.
  • B. Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval.
  • C. Traffic storm control monitors incoming traffic levels over a 10-second traffic storm control interval.
  • D. Traffic storm control cannot determine if the packet is unicast or broadcast.

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/routers/7600/ios/12-1E/configuration/guide/storm.html


NEW QUESTION # 172
Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Answer:

Explanation:


NEW QUESTION # 173
Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Answer:

Explanation:


NEW QUESTION # 174

Refer to the exhibit. Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?

  • A. show authentication sessions
  • B. show authentication registrations
  • C. show authentication method
  • D. show dot1x all

Answer: C


NEW QUESTION # 175
Drag and drop the posture assessment flow actions from the left into a sequence on the right.

Answer:

Explanation:


NEW QUESTION # 176
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?

  • A. syslog
  • B. SMTP
  • C. model-driven telemetry
  • D. SNMP

Answer: C

Explanation:
The traditional pull model, where the client requests data from the network, does not scale when what you want is near real-time data. Moreover, in some use cases there is a need to be notified only when some data changes, such as interface status or protocol neighbor changes.
Model-Driven Telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model, providing near real-time access to operational statistics.
Applications can subscribe to the specific data items they need by using standards-based YANG data models over NETCONF-YANG. Cisco IOS XE streaming telemetry allows data to be pushed off the device to an external collector at a much higher frequency and more efficiently, and it also supports on-change data streaming.


NEW QUESTION # 177
Which type of authentication is in use?

  • A. SMTP relay server authentication
  • B. LDAP authentication for Microsoft Outlook
  • C. external user and relay mail authentication
  • D. POP3 authentication

Answer: B


NEW QUESTION # 178
Which attack is commonly associated with C and C++ programming languages?

  • A. buffer overflow
  • B. water holing
  • C. DDoS
  • D. cross-site scripting

Answer: A

Explanation:
A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.
Buffer overflow is a vulnerability in low-level C and C++ code. An attacker can cause the program to crash, corrupt data, steal private information, or run their own code. It basically means accessing a buffer outside of its allotted memory space. This happens quite frequently in the case of arrays.


NEW QUESTION # 179
Refer to the exhibit.

Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?

  • A. Site-to-site VPN preshared keys are mismatched.
  • B. Site-to-site VPN peers are using different encryption algorithms.
  • C. No split-tunnel policy is defined on the Firepower Threat Defense appliance.
  • D. The access control policy is not allowing VPN traffic in.

Answer: C


NEW QUESTION # 180
A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destination. The network administrator checks the interface status of all interfaces, and there is no err-disabled interface. What is causing this problem?

  • A. Dynamic ARP Inspection has not been enabled on all VLANs
  • B. The no ip arp inspection trust command is applied on all user host interfaces
  • C. DHCP snooping has not been enabled on all VLANs.
  • D. The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users.

Answer: B


NEW QUESTION # 181
How does a WCCP-configured router identify if the Cisco WSA is functional?

  • A. The WSA sends a Here-I-Am message every 10 seconds, and the router acknowledges with an I-See-You message.
  • B. The router sends a Here-I-Am message every 10 seconds, and the WSA acknowledges with an I-See-You message.
  • C. If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the router.
  • D. If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the WSA.

Answer: A


NEW QUESTION # 182
......


The Cisco 350-701 exam is essential for IT professionals who wish to advance their careers in security. The Implementing and Operating Cisco Security Core Technologies certification not only validates their knowledge and skills but also demonstrates their commitment to continuous learning and professional development. The Cisco CCNP Security certification is recognized globally and is highly regarded by employers, making it a valuable asset for IT professionals seeking career advancement opportunities.

 
