Sep 25, 2021 Step by Step Guide to Prepare for 350-701 Exam BrainDumps
CCNP Security 350-701 Real Exam Questions and Answers FREE Updated on 2021
NEW QUESTION 24
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group.
Which probe must be enabled for this type of profiling to work?
- A. NMAP
- B. NetFlow
- C. DHCP
- D. SNMP
Answer: A
NEW QUESTION 25
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain aware of the ongoing and most prevalent threats?
- A. CSIRT
- B. Talos
- C. PSIRT
- D. DEVNET
Answer: B
Explanation:
https://talosintelligence.com/
NEW QUESTION 26
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
- A. user login suspicious behavior
- B. privilege escalation
- C. file access from a different user
- D. interesting file access
Answer: A
Explanation:
The various suspicious patterns for which the Cisco Tetration platform looks in the current release are:
+ Shell code execution: Looks for the patterns used by shell code.
+ Privilege escalation: Watches for privilege changes from a lower privilege to a higher privilege in the process lineage tree.
+ Side channel attacks: Cisco Tetration platform watches for cache-timing attacks and page table fault bursts. Using these, it can detect Meltdown, Spectre, and other cache-timing attacks.
+ Raw socket creation: Creation of a raw socket by a nonstandard process (for example, ping).
+ User login suspicious behavior: Cisco Tetration platform watches user login failures and user login methods.
+ Interesting file access: Cisco Tetration platform can be armed to look at sensitive files.
+ File access from a different user: Cisco Tetration platform learns the normal behavior of which file is accessed by which user.
+ Unseen command: Cisco Tetration platform learns the behavior and set of commands as well as the lineage of each command over time. Any new command or command with a different lineage triggers the interest of the Tetration Analytics platform.
NEW QUESTION 27
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?
- A. SaaS
- B. IaaS
- C. PaaS
- D. XaaS
Answer: C
Explanation:
Cloud computing can be broken into the following three basic models:
+ Infrastructure as a Service (IaaS): IaaS describes a cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed. This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk. This model is similar to a utility company model because you pay for what you use.
+ Platform as a Service (PaaS): PaaS provides everything except applications. Services provided by this model include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software. These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider's platform.
+ Software as a Service (SaaS): SaaS is designed to provide a complete packaged solution. The software is rented out to the user. The service is usually provided through some type of front end or web portal. While the end user is free to use the service from anywhere, the company pays a per-use fee.
NEW QUESTION 28
An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication?
- A. Configure policies to stop and reject communication
- B. Configure the Cisco ESA to drop the malicious emails.
- C. Configure policies to quarantine malicious emails.
- D. Configure the Cisco ESA to reset the TCP connection.
Answer: C
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118219-configure-esa-00.html
NEW QUESTION 29
Which two capabilities of Integration APIs are utilized with Cisco DNA Center? (Choose two)
- A. Connect to Information Technology Service Management Platforms
- B. Create new SSIDs on a wireless LAN controller
- C. Upgrade software on switches and routers
- D. Automatically deploy new virtual routers
- E. Application monitors for power utilization of devices and IoT sensors
Answer: A,E
Explanation:
Integration API (Westbound)
Integration capabilities are part of Westbound interfaces. To meet the need to scale and accelerate operations in modern data centers, IT operators require intelligent, end-to-end workflows built with open APIs. The Cisco DNA Center platform provides mechanisms for integrating Cisco DNA Assurance workflows and data with third-party IT Service Management (ITSM) solutions.
Reference: https://developer.cisco.com/docs/dna-center/#!cisco-dna-center-platform-overview/events-andnotifications-eastbound
-> Therefore answer D is correct.
Westbound-Integration APIs
Cisco DNA Center platform can power end-to-end IT processes across the value chain by integrating various domains such as ITSM, IPAM, and reporting. By leveraging the REST-based Integration Adapter APIs, bidirectional interfaces can be built to allow the exchange of contextual information between Cisco DNA Center and the external, third-party IT systems. The westbound APIs provide the capability to publish the network data, events and notifications to the external systems and consume information in Cisco DNA Center from the connected systems.
Reference: https://blogs.cisco.com/networking/with-apis-cisco-dna-center-can-improve-your-competitiveadvantage
Therefore the most suitable choice is Integration APIs can monitor for power utilization of devices and IoT sensors -> Answer C is correct.
NEW QUESTION 30
Where are individual sites specified to be blacklisted in Cisco Umbrella?
- A. destination lists
- B. content categories
- C. security settings
- D. application settings
Answer: A
NEW QUESTION 31
What is the purpose of the My Devices Portal in a Cisco ISE environment?
- A. to provision userless and agentless systems
- B. to request a newly provisioned mobile device
- C. to register new laptops and mobile devices
- D. to manage and deploy antivirus definitions and patches on systems owned by the end user
Answer: B
NEW QUESTION 32
Which attack type attempts to shut down a machine or network so that users are not able to access it?
- A. smurf
- B. IP spoofing
- C. MAC spoofing
- D. bluesnarfing
Answer: A
NEW QUESTION 33
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?
- A. Correlation
- B. Access Control
- C. Network Discovery
- D. Intrusion
Answer: C
Explanation:
The Firepower System uses network discovery and identity policies to collect host, application, and user data for traffic on your network. You can use certain types of discovery and identity data to build a comprehensive map of your network assets, perform forensic analysis, behavioral profiling, access control, and mitigate and respond to the vulnerabilities and exploits to which your organization is susceptible. You can configure your network discovery policy to perform host and application detection.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/introduction_to_network_discovery_and_identity.html
NEW QUESTION 34
Refer to the exhibit.
Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
- A. show authentication registrations
- B. show dot1x all
- C. show authentication method
- D. show authentication sessions
Answer: B
NEW QUESTION 35
Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.
Answer:
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/detecti
NEW QUESTION 36
How is Cisco Umbrella configured to log only security events?
- A. in the Security Settings section
- B. per policy
- C. in the Reporting settings
- D. per network in the Deployments section
Answer: B
Explanation:
The logging of your identities' activities is set per-policy when you first create a policy. By default, logging is on and set to log all requests an identity makes to reach destinations. At any time after you create a policy, you can change what level of identity activity Umbrella logs.
From the Policy wizard, log settings are:
+ Log All Requests: For full logging, whether for content, security or otherwise.
+ Log Only Security Events: For security logging only, which gives your users more privacy. A good setting for people with the roaming client installed on personal devices.
+ Don't Log Any Requests: Disables all logging. If you select this option, most reporting for identities with this policy will not be helpful as nothing is logged to report on.
Reference: https://docs.umbrella.com/deployment-umbrella/docs/log-management
NEW QUESTION 37
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management port conflicts with other communications on the network and must be changed. What must be done to ensure that all devices can communicate together?
- A. Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices
- B. Set the sftunnel to go through the Cisco FTD
- C. Set the sftunnel port to 8305
- D. Manually change the management port on Cisco FMC and all managed Cisco FTD devices
Answer: A
NEW QUESTION 38
Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?
- A. ip device-tracking
- B. aaa server radius dynamic-author
- C. aaa new-model
- D. auth-type all
Answer: B
NEW QUESTION 39
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?
- A. platform service policy
- B. access control policy
- C. group policy
- D. device management policy
Answer: A
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/622/configuration/guide/fpmc-config-guide-v622/platform_settings_policies_for_managed_devices.pdf
NEW QUESTION 40
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats?
- A. Cisco Stealthwatch
- B. Cisco Umbrella
- C. External Threat Feeds
- D. Cisco Threat Grid
Answer: D
NEW QUESTION 41
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System?
- A. Application
- B. Port
- C. Protocol
- D. Source
- E. Rule
Answer: D,E
