[Dec-2021] Dumps Brief Outline Of The 350-701 Exam - Prep4pass [Q170-Q187]


350-701 Training & Certification Get Latest CCNP Security 


Preparation Process

To prepare for the Cisco 350-701 exam, candidates can sign up for the official course, Implementing and Operating Cisco Security Core Technologies. The training is available in several modes. The instructor-led option includes 5 days in a physical classroom with hands-on lab practice and 3 days of self-paced training. If you cannot attend in person, you can opt for the virtual instructor-led option, which comes with 5 days of web-based classes with lab practice plus 3 days of self-paced training. Finally, students can prepare for the certification test using the e-learning variant, which includes 8 days of training with videos, practice, and challenges.

 

NEW QUESTION 170
An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API. Which solution should be used to accomplish this goal?

  • A. Cisco Cloudlock
  • B. Adaptive MFA
  • C. CASB
  • D. SIEM

Answer: A

Explanation:
+ Cisco Cloudlock continuously monitors cloud environments with a cloud Data Loss Prevention (DLP) engine to identify sensitive information stored in cloud environments in violation of policy.
+ Cloudlock is API-based.
+ Incidents are a key resource in the Cisco Cloudlock application. They are triggered by the Cloudlock policy engine when a policy's detection criteria result in a match in an object (document, field, folder, post, or file).
Note:
+ Security information and event management (SIEM) platforms collect log and event data from security systems, networks and computers, and turn it into actionable security insights.
+ An incident is a record of the triggering of an alerting policy. Cloud Monitoring opens an incident when a condition of an alerting policy has been met.

 

NEW QUESTION 171
Which solution protects hybrid cloud deployment workloads with application visibility and segmentation?

  • A. Firepower
  • B. Tetration
  • C. Nexus
  • D. Stealthwatch

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/solutions/security/secure-data-center-solution/index.html#~products

 

NEW QUESTION 172
Refer to the exhibit.

A network administrator configures command authorization for the admin5 user. What is the admin5 user able to do on HQ_Router after this configuration?

  • A. add subinterfaces
  • B. set the IP address of an interface
  • C. complete all configurations
  • D. complete no configurations

Answer: D

Explanation:
The user "admin5" was configured with privilege level 5. To allow configuration (entering global configuration mode), this command must be entered:
(config)#privilege exec level 5 configure terminal
Without this command, this user cannot do any configuration.
Note: Cisco IOS supports privilege levels from 0 to 15, but the privilege levels used by default are privilege level 1 (user EXEC) and privilege level 15 (privileged EXEC).

 

NEW QUESTION 173
Which form of attack is launched using botnets?

  • A. ODOS
  • B. TCP flood
  • C. EIDDOS
  • D. virus

Answer: C

 

NEW QUESTION 174
An organization has two systems in their DMZ that have an unencrypted link between them for communication.
The organization does not have a defined password policy and uses several default accounts on the systems.
The application used on those systems also has not gone through stringent code reviews. Which vulnerability would help an attacker brute force their way into the systems?

  • A. missing encryption
  • B. lack of file permission
  • C. weak passwords
  • D. lack of input validation

Answer: A

Explanation:
The version 9 export format uses templates to provide access to observations of IP packet flows in a flexible and extensible manner. A template defines a collection of fields, with corresponding descriptions of structure and semantics.
Reference: https://tools.ietf.org/html/rfc3954

 

NEW QUESTION 175
What is a key difference between Cisco Firepower and Cisco ASA?

  • A. Cisco ASA provides SSL inspection while Cisco Firepower does not.
  • B. Cisco ASA provides access control while Cisco Firepower does not.
  • C. Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not.
  • D. Cisco Firepower provides identity-based access control while Cisco ASA does not.

Answer: C

Explanation:
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-firepowerservices/200451-Configure-Intrusion-Policy-and-Signature.html

 

NEW QUESTION 176
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?

  • A. interesting file access
  • B. file access from a different user
  • C. privilege escalation
  • D. user login suspicious behavior

Answer: D

 

NEW QUESTION 177
For Cisco IOS PKI, which two types of servers are used as a distribution point for CRLs? (Choose two)

  • A. subordinate CA
  • B. SCP
  • C. HTTP
  • D. LDAP
  • E. SDP

Answer: C,D

Explanation:
Cisco IOS public key infrastructure (PKI) provides certificate management to support security protocols such as IP Security (IPSec), secure shell (SSH), and secure socket layer (SSL). This module identifies and describes concepts that are needed to understand, plan for, and implement a PKI.
A PKI is composed of the following entities: ...
- A distribution mechanism (such as Lightweight Directory Access Protocol [LDAP] or HTTP) for certificate revocation lists (CRLs)

 

NEW QUESTION 178
Refer to the exhibit.

What does the API do when connected to a Cisco security appliance?

  • A. gather the network interface information about the computers AMP sees
  • B. create an SNMP pull mechanism for managing AMP
  • C. get the process and PID information from the computers in the network
  • D. gather network telemetry information from AMP for endpoints

Answer: A

Explanation:
The API call to "https://api.amp.cisco.com/v1/computers" allows us to fetch a list of computers across your organization that Advanced Malware Protection (AMP) sees.
Reference: https://api-docs.amp.cisco.com/api_actions/details?api_action=GET+%2Fv1%2Fcomputers&api_host=api.apjc.amp.cisco.com&api_resource=Computer&api_version=v1

 

NEW QUESTION 179
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used?

  • A. Common Exploits and Vulnerabilities
  • B. Common Vulnerabilities and Exposures
  • C. Common Vulnerabilities, Exploits and Threats
  • D. Common Security Exploits

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cve/174/cve-addressed-1741.html

 

NEW QUESTION 180
Which type of dashboard does Cisco DNA Center provide for complete control of the network?

  • A. centralized management
  • B. service management
  • C. distributed management
  • D. application management

Answer: A

Explanation:
Cisco's DNA Center is the only centralized network management system to bring all of this functionality into a single pane of glass.

 

NEW QUESTION 181
What is the Cisco API-based broker that helps reduce compromises, application risks, and data breaches in an environment that is not on-premise?

  • A. Cisco AMP
  • B. Cisco Umbrella
  • C. Cisco Cloudlock
  • D. Cisco App Dynamics

Answer: C


 

NEW QUESTION 182
Which functions of an SDN architecture require southbound APIs to enable communication?

  • A. management console and the SDN controller
  • B. SDN controller and the cloud
  • C. management console and the cloud
  • D. SDN controller and the network elements

Answer: D

 

NEW QUESTION 183
DRAG DROP
Drag and drop the capabilities from the left onto the correct technologies on the right.
Select and Place:

Answer:


 

NEW QUESTION 184
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

  • A. Threat root cause
  • B. Prevalence
  • C. Vulnerable software
  • D. File analysis
  • E. Detections

Answer: B

Explanation:
Prevalence allows you to view files that have been executed in your deployment.
Note: Threat Root Cause shows how malware is getting onto your computers.
Reference: https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf

 

NEW QUESTION 185
Refer to the exhibit.

Which statement about the authentication protocol used in the configuration is true?

  • A. The authentication request contains only a password
  • B. The authentication and authorization requests are grouped in a single packet
  • C. There are separate authentication and authorization request packets
  • D. The authentication request contains only a username

Answer: B

 

NEW QUESTION 186
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?

  • A. SaaS
  • B. XaaS
  • C. PaaS
  • D. IaaS

Answer: C

Explanation:
Cloud computing can be broken into the following three basic models:
+ Infrastructure as a Service (IaaS): IaaS describes a cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed. This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk. This model is similar to a utility company model because you pay for what you use.
+ Platform as a Service (PaaS): PaaS provides everything except applications. Services provided by this model include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software. These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider's platform.
+ Software as a Service (SaaS): SaaS is designed to provide a complete packaged solution. The software is rented out to the user. The service is usually provided through some type of front end or web portal. While the end user is free to use the service from anywhere, the company pays a per-use fee.

 

NEW QUESTION 187
......
