cisco 350-701 practice test

implementing and operating cisco security core technologies

Last exam update: Oct 07 ,2024
Page 1 out of 56. Viewing questions 1-10 out of 555

Question 1

Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?

  • A. transparent
  • B. redirection
  • C. forward
  • D. proxy gateway
Mark Question:
Answer:

a


Reference:
https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117940-qa-wsa-00.html

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

A Cisco FirePower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose two.)

  • A. permit
  • B. allow
  • C. reset
  • D. trust
  • E. monitor
Mark Question:
Answer:

bd

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 3

Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS?

  • A. Cisco Defense Orchestrator
  • B. Cisco Configuration Professional
  • C. Cisco Secureworks
  • D. Cisco DNAC
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

What does Cisco ISE use to collect endpoint attributes that are used in profiling?

  • A. probes
  • B. posture assessment
  • C. Cisco AnyConnect Secure Mobility Client
  • D. Cisco pxGrid
Mark Question:
Answer:

a


Reference:
https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/ b_ise_admin_guide_26_chapter_010100.html.xml#:~:text=Network%20probe%20is%20a%20method,in%20the%20Cisco%20ISE%20database
.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?

  • A. aaa server radius dynamic-author
  • B. auth-type all
  • C. aaa new-model
  • D. ip device-tracking
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What is a characteristic of Dynamic ARP Inspection?

  • A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.
  • B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted.
  • C. DAI associates a trust state with each switch.
  • D. DAI intercepts all ARP requests and responses on trusted ports only.
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access?

  • A. Cisco Container Controller
  • B. Cisco Cloud Platform
  • C. Cisco Container Platform
  • D. Cisco Content Platform
Mark Question:
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which feature must be configured before implementing NetFlow on a router?

  • A. syslog
  • B. IP routing
  • C. VRF
  • D. SNMPv3
Mark Question:
Answer:

b

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which two global commands must the network administrator implement to limit the attack surface of an internet-facing Cisco router? (Choose two.)

  • A. service tcp-keepalives-in
  • B. no service password-recovery
  • C. no cdp run
  • D. no ip http server
  • E. ip ssh version 2
Mark Question:
Answer:

de

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 10

Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?

  • A. event
  • B. intent
  • C. integration
  • D. multivendor
Mark Question:
Answer:

b


Cisco is moving towards intent based networking and DNA center is a new addition to the solution offerings from Cisco.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2