1 / 6

350-701 VOL1-Question

350-701 Implementing and Operating Cisco Security Core Technologies VOL1

roseevans1
Download Presentation

350-701 VOL1-Question

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 350-701 Implementing and Operating Cisco Security Core Technologies VOL1 QUESTION NO: 1 A malicious entity has targeted the CFO of a corporation in an attempt to trick that person into divulging internal corporate financial information. What of the following best describes the type of attack that is being executed? A.phishing B.whaling C.spear phishing D.DDOS Answer: B QUESTION NO: 2 Which of the following can be implemented to mitigate the risks associated with targeted phishing attacks within a corporation? (Select three) A.URL filtering B.Secure ACLs on all switches C.Regular user awareness training D.Biometric scanning E.implement an email and spam filtering appliance Answer: A, C, E QUESTION NO: 3 Brute force, man-in-the middle, and dictionary-based attacks can all be mitigated by implementing which of the following technologies? A.Access control lists B.Firewalls at all network segments C.SPAM filters D.URL filtering E.Multifactor authentication Answer: E QUESTION NO: 4 © Copyright Prep Solutions Limited, All rights reserved

  2. Which of the following statements are true regarding IKE main mode and aggressive mode? A.Main mode uses 8 packets to establish the first phase of IKE, aggressive mode uses 4 packets. B.Main mode uses 6 packets to establish the first phase of IKE, aggressive mode uses 3 packets. C.Main mode uses 4 packets to establish the first phase of IKE, aggressive mode uses 8 packets. D.Main mode uses 3 packets to establish the first phase of IKE, aggressive mode uses 6 packets. Answer: B QUESTION NO: 5 Which VPN technology is used for mobile users to connect from anywhere to corporate resources without the need any client application to be installed? A.GET VPN B.FLEX VPN C.SSL VPN D.Cisco Anyconnect VPN Answer: C QUESTION NO: 6 Which Cisco based group researches and collects security related threats, published articles on cybersecurity, and offers comprehensive threat intelligence? A.Talos B.PSIRT C.TrustSec D.Cisco ISE Answer: A QUESTION NO: 7 In a Software Defined Networking (SDN), what is used to describe the API communication between the SDN controller and the network elements (routers and switches) that it manages? A.Southbound API © Copyright Prep Solutions Limited, All rights reserved

  3. B.Northbound API C.Westbound API D.Eastbound API. Answer: A QUESTION NO: 8 You have configured a Cisco ASA device in multiple context mode. Which of the following are true regarding multiple context implementations on an ASA? (Select two) A.Only static routes are supported B.VPN configurations are supported C.Multicast is supported D.The admin context is used to configure and administer the other contexts. Answer: A, D QUESTION NO: 9 While troubleshooting an 802.1x implementation, the following output was seen: Interface PAE Client Status ------------------------------------------------------------------------------------------ Gi 0/1 AUTH 000d.bcef.bfdc AUTHORIZED Which command was issued to generate this output? A.show dot1x B.show dot1x all C.show dot1x all summary D.show dot1x interface Gi 0/1 Answer: C QUESTION NO: 10 Netflow version 9 has been implemented on a Cisco ASA. What are the valid NetFlow Secure Event Logging (NSEL) Event ID’s (Select three) A.Flow was allowed B.Flow was denied C.Flow was created © Copyright Prep Solutions Limited, All rights reserved

  4. D.Flow was deleted E.Flow error occurred Answer: B, C, D QUESTION NO: 11 Which of the following are the responsibility of the customer in a cloud-based Platform as a Service (PaaS) offering? (Choose two) A.Application B.Data C.Middleware D.Operating System E.Virtualization Answer: A, B QUESTION NO: 12 Which of the following are the responsibility of the customer in a cloud-based Software as a Service (SaaS) offering? A.Application B.Data C.Middleware D.None of the above Answer: D QUESTION NO: 13 Which of the following scenario’s would most likely result in Company A choosing the deploy a hybrid cloud model? A.Company A has stringent security requirements and wants all data to remain within their network. B.Company A just allocated a large number of resources and networking equipment within their data center. C.Company A is concerned about security, but understands that some data can leave their network in order to increase efficiency. D.Company A has little to no staff that is capable of managing networking or data center equipment © Copyright Prep Solutions Limited, All rights reserved

  5. Answer: C QUESTION NO: 14 Which of the following are benefits of utilizing Application Programming Interfaces (APIs) in the network? (Choose two) A.Increased efficiency in network management through the use of automation. B.Better integration with third party applications. C.Eliminates the need for native management tools. D.APIs are required for most BYOD deployments. Answer: A, B QUESTION NO: 15 How does Cisco Stealthwatch Enterprise receive telemetry data from endpoints? A.Firewall and Router logs B.syslog messages C.flow data, including NetFlow, IPFIX, and sFlow D.IPS/IDS sensor logs and data Answer: C QUESTION NO: 16 A disgruntled employee has just left the company. Which of the following deployments is best suited to secure the data within that employees BYOD device? A.Mobile Device Management (MDM) B.Cisco DNA Center C.Cisco Umbrella D.Integrated APIs for BYOD devise. Answer: A QUESTION NO: 17 How does Cisco Stealthwatch Cloud receive telemetry data from endpoints? (Select two) © Copyright Prep Solutions Limited, All rights reserved

  6. A.flow data, including NetFlow, IPFIX, and sFlow B.VPC flow data from Amazaon We Services (AWS) C.IPS/IDS sensor logs and data D.Flow data from Microsoft Azure E.syslog data Answer: B, D QUESTION NO: 18 What are two valid reasons for implementing retrospective security in a network? (Select two) A.Find malware that was previously unidentified B.updating firewall rules to deny traffic that was allowed C.Updating IPS/IDS signatures D.Tracing the path that a file took over a period of time Answer: A, D QUESTION NO: 19 How does the Cisco Umbrella product offering determine the policy that should be applied for inbound DNS requests? A.Customers are assigned DNS resolvers individually to use for all DNS requests B.Cisco Umbrella users select the policy to use in the Umbrella client application. C.Cisco Umbrella users select the policy to use from the GUI based dashboard. D.Cisco Umbrella determines the policy based on the source IP address of the DNS request. Answer: D QUESTION NO: 20 Which of the following application layer preprocessor on the Cisco Firepower platform is responsible for decoding and normalizing web-based requests sent using HTTP and the associated responses received from web servers? A.DNS Preprocessor B.HTTP Inspect Preprocessor C.Web Preprocessor D.SSL Preprocessor Answer: B © Copyright Prep Solutions Limited, All rights reserved

More Related