Practice Free Cisco 350-701 Exam Questions Online, 350-701 Free Demo

Question 196 Selectable Answer

An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with theconfiguration. The simple detection mechanism is configured, but the dashboard indicates that the hash is not 64 characters and is non-zero.
What is the issue?

A. The engineer is attempting to upload a hash created using MD5 instead of SHA-256
B. The file being uploaded is incompatible with simple detections and must use advanced detections
C. The hash being uploaded is part of a set in an incorrect format
D. The engineer is attempting to upload a file instead of a hash

Answer:

Question 197 Selectable Answer

What is the purpose of the My Devices Portal in a Cisco ISE environment?

A. to register new laptops and mobile devices
B. to request a newly provisioned mobile device
C. to provision userless and agentless systems
D. to manage and deploy antivirus definitions and patches on systems owned by the end user

Answer:
Explanation:
Depending on your company policy, you might be able to use your mobile phones, tablets, printers, Internet radios, and other network devices on your company’s network. You can use the My Devices portal to register and manage these devices on your company’s network.
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/mydevices/b_mydevices_2x.html

Question 198 Selectable Answer

Which endpoint solution protects a user from a phishing attack?

A. Cisco Identity Services Engine
B. Cisco AnyConnect with ISE Posture module
C. Cisco AnyConnect with Network Access Manager module
D. Cisco AnyConnect with Umbrella Roaming Security module

Answer:

Question 199 Selectable Answer

Which function is included when Cisco AMP is added to web security?

A. multifactor, authentication-based user identity
B. detailed analytics of the unknown file's behavior
C. phishing detection on emails
D. threat prevention on an infected endpoint

Answer:

Question 200 Selectable Answer

An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users.

A. Upload the organization root CA to the Umbrella admin portal
B. Modify the user's browser settings to suppress errors from Umbrella.
C. Restrict access to only websites with trusted third-party signed certificates.
D. Import the Umbrella root CA into the trusted root store on the user's device.

Answer:

Question 201 Selectable Answer

An engineer needs to configure an access control policy rule to always send traffic for inspection without
using the default action.
Which action should be configured for this rule?

A. monitor
B. allow
C. block
D. trust

Answer:
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/access_control_using_intrusion_and_file_policies.html#:~:text=File%20Policies-,Access%20Control%20Traffic%20Handling%20with%20Intrusion%20and%20File%20Policies,-The%20following%20diagram
the first three access control rules in the policy―Monitor, Trust, and Block―cannot inspect matching traffic. Monitor rules track and log but do not inspect network traffic, so the system continues to match traffic against additional rules to determine whether to permit or deny it
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/access_control_rules.html#:~:text=Rule%20Blocking%20Actions-,Access%20Control%20Rule%20Allow%20Action,network%20discovery%20policy%3B%20additionally%2C%20application%20discovery%20is%20limited%20for%20encrypted%20sessions.,-Related%20Concepts

Question 202 Selectable Answer

A company has 5000 Windows users on its campus.
Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)

A. Segment different departments to different IP blocks and enable Dynamic ARp inspection on all VLANs
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
C. Ensure that a user cannot enter the network of another department.
D. Perform a posture check to allow only network access to (hose Windows devices that are already patched.
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGF
F. ni

Answer:

Question 203 Selectable Answer

Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?

A. Encrypted Traffic Analytics
B. Threat Intelligence Director
C. Cognitive Threat Analytics
D. Cisco Talos Intelligence

Answer:

Question 204 Selectable Answer

Refer to the exhibit.

Refer to the exhibit. A Cisco ISE administrator adds a new switch to an 802.1X deployment and has difficulty with some endpoints gaining access.
Most PCs and IP phones can connect and authenticate using their machine certificate credentials. However printer and video cameras cannot base d on the interface configuration provided, what must be to get these devices on to the network using Cisco ISE for authentication and authorization while maintaining security controls?

A. Change the default policy in Cisco ISE to allow all devices not using machine authentication .
B. Enable insecure protocols within Cisco ISE in the allowed protocols configuration.
C. Configure authentication event fail retry 2 action authorize vlan 41 on the interface
D. Add mab to the interface configuration.

Answer:

Question 205 Selectable Answer

An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CE.. record must be modified to accomplish this task?

A. CNAME
B. MX
C. SPF
D. DKIM

Answer:

Question 206 Selectable Answer

What is a benefit of using Cisco Umbrella?

A. DNS queries are resolved faster.
B. Attacks can be mitigated before the application connection occurs.
C. Files are scanned for viruses before they are allowed to run.
D. It prevents malicious inbound traffic.

Answer:

Question 207 Selectable Answer

Which algorithm provides asymmetric encryption?

A. RC4
B. AES
C. RSA
D. 3DES

Answer:

Question 208 Selectable Answer

A network engineer entered the snmp-server user asmith myv7 auth sha cisco priv aes 256
cisc0xxxxxxxxx command and needs to send SNMP information to a host at 10.255.255.1.
Whichcommand achieves this goal?

A. snmp-server host inside 10.255.255.1 version 3 myv7
B. snmp-server host inside 10.255.255.1 snmpv3 myv7
C. snmp-server host inside 10.255.255.1 version 3 asmith
D. snmp-server host inside 10.255.255.1 snmpv3 asmith

Answer:

Question 209 Selectable Answer

Which ASA deployment mode can provide separation of management on a shared appliance?

A. DMZ multiple zone mode
B. transparent firewall mode
C. multiple context mode
D. routed mode

Answer:

Question 210 Selectable Answer

Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access tonetwork resources?

A. BYOD on boarding
B. Simple Certificate Enrollment Protocol
C. Client provisioning
D. MAC authentication bypass

Answer:
Explanation:
When supporting personal devices on a corporate network, you must protect network services and enterprisedata by authenticating and authorizing users (employees, contractors, and guests) and their devices. Cisco ISEprovides the tools you need to allow employees to securely use personal devices on a corporate network.
Guests can add their personal devices to the network by running the native supplicant provisioning (NetworkSetup Assistant), or by adding their devices to the My Devices portal.
Because native supplicant profiles are not available for all devices, users can use the My Devices portal to addthese devices manually; or you can configure Bring Your Own Device (BYOD) rules to register these devices.
Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/
m_ise_devices_byod.html

Test Online Free Cisco 350-701 Exam Questions and Answers