Download Cisco.350-701.CertDumps.2024-11-28.233q.tqb

Download Exam

File Info

Exam Implementing and Operating Cisco Security Core Technologies
Number 350-701
File Name Cisco.350-701.CertDumps.2024-11-28.233q.tqb
Size 5 MB
Posted Nov 28, 2024
Download Cisco.350-701.CertDumps.2024-11-28.233q.tqb

ProfExam Suite - Black Friday

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?


  1. smurf
  2. distributed denial of service
  3. cross-site scripting
  4. rootkit exploit
Correct answer: C
Explanation:
cross-site scripting is a correct answer.
cross-site scripting is a correct answer.



Question 2

What is the difference between deceptive phishing and spear phishing?


  1. Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
  2. A spear phishing campaign is aimed at a specific person versus a group of people.
  3. Spear phishing is when the attack is aimed at the C-level executives of an organization.
  4. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a falsewebpage.
Correct answer: B
Explanation:
A spear phishing campaign is aimed at a specific person versus a group of people.
A spear phishing campaign is aimed at a specific person versus a group of people.



Question 3

Which two behavioral patterns characterize a ping of death attack? (Choose two.)


  1. The attack is fragmented into groups of 16 octets before transmission.
  2. The attack is fragmented into groups of 8 octets before transmission.
  3. Short synchronized bursts of traffic are used to disrupt TCP connections.
  4. Malformed packets are used to crash systems.
  5. Publicly accessible DNS servers are typically used to execute the attack.
Correct answer: BD
Explanation:
Reference:https://en.wikipedia.org/wiki/Ping_of_death
Reference:
https://en.wikipedia.org/wiki/Ping_of_death



Question 4

Which two mechanisms are used to control phishing attacks? (Choose two.)


  1. Enable browser alerts for fraudulent websites.
  2. Define security group memberships.
  3. Revoke expired CRL of the websites.
  4. Use antispyware software.
  5. Implement email filtering techniques.
Correct answer: AE
Explanation:
Enable browser alerts for fraudulent websites.Implement email filtering techniques.
Enable browser alerts for fraudulent websites.
Implement email filtering techniques.



Question 5

What are two rootkit types? (Choose two.)


  1. registry
  2. buffer mode
  3. user mode
  4. bootloader
  5. virtual
Correct answer: CD
Explanation:
1. Kernel rootkit2. Hardware or firmware rootkit3. Hyper-V rootkits4. Bootloader rootkit or bootkit5. Memory rootkit6. User-mode or application rootkit
1. Kernel rootkit
2. Hardware or firmware rootkit
3. Hyper-V rootkits
4. Bootloader rootkit or bootkit
5. Memory rootkit
6. User-mode or application rootkit



Question 6

How is DNS tunneling used to exfiltrate data out of a corporate network?


  1. It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers
  2. It encodes the payload with random characters that are broken into short strings and the DNS server rebuildsthe exfiltrated data
  3. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damageand theft on the network
  4. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information orstart other attacks
Correct answer: B
Explanation:
It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data
It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data



Question 7

Which type of attack is social engineering?


  1. trojan
  2. MITM
  3. phishing
  4. malware
Correct answer: C
Explanation:
phishing is a correct answer.
phishing is a correct answer.



Question 8

What are two DDoS attack categories? (Choose two.)


  1. protocol
  2. source-based
  3. database
  4. sequential
  5. volume-based
Correct answer: AE
Explanation:
Answer A and E. There are three different general categories of DDoS attacks:Volume-based DDoS attacksApplication DDoS attacksLow-rate DoS (LDoS) attackshttps://tools.cisco.com/security/center/resources/guide_ddos_defense.html
Answer A and E. 
There are three different general categories of DDoS attacks:
Volume-based DDoS attacks
Application DDoS attacks
Low-rate DoS (LDoS) attacks
https://tools.cisco.com/security/center/resources/guide_ddos_defense.html



Question 9

In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?


  1. man-in-the-middle
  2. LDAP injection
  3. insecure API
  4. cross-site scripting
Correct answer: A
Explanation:
man-in-the-middle is a correct answer.
man-in-the-middle is a correct answer.



Question 10

Which two preventive measures are used to control cross-site scripting? (Choose two.)


  1. Enable client-side scripts on a per-domain basis.
  2. Incorporate contextual output encoding/escaping.
  3. Disable cookie inspection in the HTML inspection engine.
  4. Run untrusted HTML input through an HTML sanitization engine.
  5. SameSite cookie attribute should not be used.
Correct answer: BD
Explanation:
https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_inputBandD
https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_inputBandD









CONNECT US

Twitter

Mastodon

Facebook

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files