File Info
| Exam | Implementing and Operating Cisco Security Core Technologies |
| Number | 350-701 |
| File Name | Cisco.350-701.NewDumps.2023-09-19.28q.vcex |
| Size | 669 KB |
| Posted | Sep 19, 2023 |
| Download | Cisco.350-701.NewDumps.2023-09-19.28q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
Question 1
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
- security intelligence
- impact flags
- health monitoring
- URL filtering
Correct answer: A
Question 2
Refer to the exhibit.
Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
- show authentication registrations
- show authentication method
- show dot1x all
- show authentication sessions
Correct answer: B
Question 3
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporate network. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows 10. What must the administrator implement to ensure that all devices are compliant before they are allowed on the network?
- Cisco Identity Services Engine and AnyConnect Posture module
- Cisco Stealthwatch and Cisco Identity Services Engine integration
- Cisco ASA firewall with Dynamic Access Policies configured
- Cisco Identity Services Engine with PxGrid services enabled
Correct answer: A
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect46/administration/guide/b_AnyConnect_Administrator_Guide_4-6/configure-posture.html Reference: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect46/administration/guide/b_AnyConnect_Administrator_Guide_4-6/configure-posture.html
Question 4
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
- Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
- The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
- The IPsec configuration that is set up on the active device must be duplicated on the standby device.
- Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.
- The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.
Correct answer: BC
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnav/configuration/15-mt/sec-vpn-availability-15-mt-book/sec-state-fail-ipsec.html Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnav/configuration/15-mt/sec-vpn-availability-15-mt-book/sec-state-fail-ipsec.html
Question 5
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
- user input validation in a web page or web application
- Linux and Windows operating systems
- database
- web page images
Correct answer: C
Explanation:
Reference: https://tools.cisco.com/security/center/resources/sql_injection Reference: https://tools.cisco.com/security/center/resources/sql_injection
Question 6
Refer to the exhibit.
What does the number 15 represent in this configuration?
- privilege level for an authorized user to this router
- access list that identifies the SNMP devices that can access the router
- interval in seconds between SNMPv3 authentication attempts
- number of possible failed attempts until the SNMPv3 user is locked out
Correct answer: B
Question 7
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?
- SNMP
- SMTP
- syslog
- model-driven telemetry
Correct answer: D
Explanation:
Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide
Question 8
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
- authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
- authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX
- authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
- secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX
Correct answer: B
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-c4.html#wp6039879000 Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-c4.html#wp6039879000
Question 9
Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from the left onto the correct definitions on the right.
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/detecting_specific_threats.html Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/detecting_specific_threats.html
Question 10
Which two descriptions of AES encryption are true? (Choose two.)
- AES is less secure than 3DES.
- AES is more secure than 3DES.
- AES can use a 168-bit key for encryption.
- AES can use a 256-bit key for encryption.
- AES encrypts and decrypts a key three times in sequence.
Correct answer: BD
Explanation:
Reference: https://gpdb.docs.pivotal.io/43190/admin_guide/topics/ipsec.html Reference: https://gpdb.docs.pivotal.io/43190/admin_guide/topics/ipsec.html
