Test Online Free Cisco 350-701 Exam Questions and Answers
Practice a live sample before buying full access. This page keeps the free 350-701 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.
Email security has become a high priority task for a security engineer at a large multi-national organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter?
Answer:
Question 182Selectable Answer
Which capability is provided by application visibility and control?
Answer:
Question 183Selectable Answer
What are two rootkit types? (Choose two)
Answer: Explanation:
The term ‘rootkit’ originally comes from the Unix world, where the word ‘root’ is used to describe a user with thehighest possible level of access privileges, similar to an ‘Administrator’ in Windows. The word ‘kit’ refers to thesoftware that grants root-level access to the machine. Put the two together and you get ‘rootkit’, a program thatgives someone C with legitimate or malicious intentions C privileged access to a computer.
There are four main types of rootkits: Kernel rootkits, User mode rootkits, Bootloader rootkits, Memory rootkits
Question 184Selectable Answer
Refer to the exhibit.
When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like toutilize an external token authentication mechanism in conjunction with AAA authentication using machinecertificates.
Which configuration item must be modified to allow this?
Answer: Explanation:
In order to use AAA along with an external token authentication mechanism, set the “Method” as “Both” inthe Authentication.
Question 185Selectable Answer
Refer to the exhibit.
Which command was used to generate this output and to show which ports are
authenticating with dot1x or mab?
Answer: Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-xe-3se-3850-cr-book/sec-s1-xe-3se-3850-cr-book_chapter_01.html#wp3404908137
Displaying the Summary of All Auth Manager Sessions on the Switch
Enter the following:
Switch# show authentication sessions
Interface MAC Address Method Domain Status Session ID
Gi1/48 0015.63b0.f676 dot1x DATA Authz Success 0A3462B1000000102983C05C
Gi1/5 000f.23c4.a401 mab DATA Authz Success 0A3462B10000000D24F80B58
Gi1/5 0014.bf5d.d26d dot1x DATA Authz Success 0A3462B10000000E29811B94
Question 186Selectable Answer
Which two behavioral patterns characterize a ping of death attack? (Choose two)
Answer: Explanation:
Ping of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash,
destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.A correctly-formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered,and 84 including Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documentedLike other large but well-formed packets, a ping of death is fragmented into groups of 8 octets beforetransmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.
Question 187Selectable Answer
With which components does a southbound API within a software-defined network architecture communicate?
Answer: Explanation:
The Southbound API is used to communicate between Controllers and network devices.
Question 188Selectable Answer
Which cloud service model offers an environment for cloud consumers to develop and deploy applications
without needing to manage or maintain the underlying cloud infrastructure?
Answer: Explanation:
Cloud computing can be broken into the following three basic models:
+ Infrastructure as a Service (IaaS): IaaS describes a cloud solution where you are renting infrastructure. You purchase virtual power to execute your software as needed. This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk. This model is similar to a utility company model because you pay for what you use.
+ Platform as a Service (PaaS): PaaS provides everything except applications. Services provided by this
model include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software. These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider’s platform.
+ Software as a Service (SaaS): SaaS is designed to provide a complete packaged solution. The software is rented out to the user. The service is usually provided through some type of front end or web portal. While the end user is free to use the service from anywhere, the company pays a peruse fee.
Reference: CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide
Question 189Selectable Answer
A network administrator is configuring a rule in an access control policy to block certain URLs and selects the “Chat and Instant Messaging” category.
Which reputation score should be selected to accomplish this goal?
Answer: Explanation:
We choose “Chat and Instant Messaging” category in “URL Category”:
To block certain URLs we need to choose URL Reputation from 6 to 10.
Question 190Written Answer
A network engineer has configured a NTP server on a Cisco ASA. The Cisco ASA has IP reachability to theNTP server and is not filtering any traffic. The show ntp association detail command indicates that theconfigured NTP server is unsynchronized and has a stratum of 16.
What is the cause of this issue?
A. Resynchronization of NTP is not forced
B. NTP is not configured to use a working server.
C. An access list entry for UDP port 123 on the inside interface is missing.
D. An access list entry for UDP port 123 on the outside interface is missing.
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected.
Why is the ip radius source-interface command needed for this configuration?
Answer:
Question 193Selectable Answer
Which solution combines Cisco IOS and IOS XE components to enable administrators to recognize
applications, collect and send network metrics to Cisco Prime and other third-party management tools, and prioritize application traffic?
Answer: Explanation:
The Cisco Application Visibility and Control (AVC) solution leverages multiple technologies to recognize,
analyze, and control over 1000 applications, including voice and video, email, file sharing, gaming, peer-to-peer(P2P), and cloud-based applications. AVC combines several Cisco IOS/IOS XE components, as well ascommunicating with external tools, to integrate the following functions into a powerful solution…
Reference: https://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/avc/guide/avc-user-guide/
avc_tech_overview.html
Question 194Selectable Answer
What is the benefit of integrating Cisco ISE with a MDM solution?
What does Cisco AMP for Endpoints use to help an organization detect different families of malware?
Answer: Explanation:
ETHOS is the Cisco file grouping engine. It allows us to group families of files together so if we see variants ofa malware, we mark the ETHOS hash as malicious and whole families of malware are instantly detected.
Reference: https://docs.amp.cisco.com/AMP%20for%20Endpoints%20User%20Guide.pdf
ETHOS = Fuzzy Fingerprinting using static/passive heuristics
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/BRKSEC-2139.pdf
