350-701 Exam Dumps V19.02 [3-30-2022] Are Up To Date For 350-701 SCOR Exam Preparation.

It's ideal that DumpsBase offers 350-701 exam dumps V19.02, which are the most up-to-date study materials with accurate 350-701 exam questions and answers for passing the Implementing and Operating Cisco Security Core Technologies (SCOR) 350-701 exam. To ensure that you are well prepared for the actual Cisco 350-701 SCOR test, use Cisco 350-701 exam dumps V19.02. Simply log in to your member center and download the updated pdf file online to receive the free update.

Read 350-701 free dumps online to Check the quality of 350-701 exam dumps V19.02

1. In which scenario is endpoint-based security the solution?

inspecting encrypted traffic

device profiling and authorization

performing signature-based application control

inspecting a password-protected archive

2. What is a benefit of using a multifactor authentication strategy?

It provides visibility into devices to establish device trust.

It provides secure remote access for applications.

It provides an easy, single sign-on experience against multiple applications

It protects data by enabling the use of a second validation of identity.

3. An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users.

Which action accomplishes this goal?

Restrict access to only websites with trusted third-party signed certificates.

Modify the user’s browser settings to suppress errors from Cisco Umbrella.

Upload the organization root CA to Cisco Umbrella.

Install the Cisco Umbrella root CA onto the user’s device.

4. What is a commonality between DMVPN and FlexVPN technologies?

FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes

FlexVPN and DMVPN use the new key management protocol

FlexVPN and DMVPN use the same hashing algorithms

IOS routers run the same NHRP code for DMVPN and FlexVPN

5. Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats?

Cisco AMP for Endpoints

Cisco AnyConnect

Cisco Umbrella

Cisco Duo

6. Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access?

Cisco Content Platform

Cisco Container Controller

Cisco Container Platform

Cisco Cloud Platform

7. A network engineer must migrate a Cisco WSA virtual appliance from one physical host to another physical host by using VMware vMotion.

What is a requirement for both physical hosts?

The hosts must run Cisco AsyncOS 10.0 or greater.

The hosts must run different versions of Cisco AsyncO

The hosts must have access to the same defined network.

The hosts must use a different datastore than the virtual appliance.

8. An organization recently installed a Cisco WSA and would like to take advantage of the AVC engine to allow the organization to create a policy to control application specific activity.

After enabling the AVC engine, what must be done to implement this?

Use security services to configure the traffic monitor, .

Use URL categorization to prevent the application traffic.

Use an access policy group to configure application control settings.

Use web security reporting to validate engine functionality

9. Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain aware of the ongoing and most prevalent threats?

PSIRT

Talos

CSIRT

DEVNET

10. An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error.

Why is the error occurring?

Client computers do not have the Cisco Umbrella Root CA certificate installed.

IP-Layer Enforcement is not configured.

Client computers do not have an SSL certificate deployed from an internal CA server.

Intelligent proxy and SSL decryption is disabled in the policy

11. For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (Choose two)

SDP

LDAP

subordinate CA

SCP

HTTP

12. In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

when there is a need for traditional anti-malware detection

when there is no need to have the solution centrally managed

when there is no firewall on the network

when there is a need to have more advanced detection capabilities

13. What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?

trusted automated exchange

Indicators of Compromise

The Exploit Database

threat intelligence

14. An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of 19.20.24.

Which command on the hub will allow the administrator to accomplish this?

crypto ca identity 172.19.20.24

crypto isakmp key Cisco0123456789 172.19.20.24

crypto enrollment peer address 172.19.20.24

crypto isakmp identity address 172.19.20.24

15. Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

Cisco Advanced Malware Protection

Cisco Stealthwatch

Cisco Identity Services Engine

Cisco AnyConnect

16. Which two cryptographic algorithms are used with IPsec? (Choose two)

AES-BAC

AES-ABC

HMAC-SHA1/SHA2

Triple AMC-CBC

AES-CBC

17. An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows.

What action would allow the attacker to gain access to machine 1 but not machine 2?

sniffing the packets between the two hosts

sending continuous pings

overflowing the buffer’s memory

inserting malicious commands into the database

18. Why is it important to have a patching strategy for endpoints?

to take advantage of new features released with patches

so that functionality is increased on a faster scale when it is used

so that known vulnerabilities are targeted and having a regular patch cycle reduces risks

so that patching strategies can assist with disabling nonsecure protocols in applications

19. What is a functional difference between a Cisco ASA and a Cisco IOS router with Zone-based policy firewall?

The Cisco ASA denies all traffic by default whereas the Cisco IOS router with Zone-Based Policy Firewall starts out by allowing all traffic, even on untrusted interfaces

The Cisco IOS router with Zone-Based Policy Firewall can be configured for high availability, whereas the Cisco ASA cannot

The Cisco IOS router with Zone-Based Policy Firewall denies all traffic by default, whereas the Cisco ASA starts out by allowing all traffic until rules are added

The Cisco ASA can be configured for high availability whereas the Cisco IOS router with Zone-Based Policy Firewall cannot

20. What is a function of 3DES in reference to cryptography?

It hashes files.

It creates one-time use passwords.

It encrypts traffic.

It generates private keys.

21. DRAG DROP

Drag and drop the cloud security assessment components from the left onto the definitions on the right.

22. A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability.

What is the connection status in both cases?

need to be reestablished with stateful failover and preserved with stateless failover

preserved with stateful failover and need to be reestablished with stateless failover

preserved with both stateful and stateless failover

need to be reestablished with both stateful and stateless failover

23. Which baseline form of telemetry is recommended for network infrastructure devices?

SDNS

NetFlow

passive taps

SNMP

24. What is the purpose of CA in a PKI?

To issue and revoke digital certificates

To validate the authenticity of a digital certificate

To create the private key for a digital certificate

To certify the ownership of a public key by the named subject

25. An administrator is trying to determine which applications are being used in the network but does not want the network devices to send metadata to Cisco Firepower.

Which feature should be used to accomplish this?

NetFlow

Packet Tracer

Network Discovery

Access Control

26. With which components does a southbound API within a software-defined network architecture communicate?

controllers within the network

applications

appliances

devices such as routers and switches

27. Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?

Integration

Intent

Event

Multivendor

28. What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.) The eDirectory client must be installed on each client workstation.

Create NTLM or Kerberos authentication realm and enable transparent user identification

Deploy a separate Active Directory agent such as Cisco Context Directory Agent.

Create an LDAP authentication realm and disable transparent user identification.

Deploy a separate eDirectory server: the client IP address is recorded in this server

29. DRAG DROP

Drag and drop the descriptions from the left onto the encryption algorithms on the right.

30. An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being accessed via the firewall which requires that the administrator input the bad URL categories that the organization wants blocked into the access policy.

Which solution should be used to meet this requirement?

Cisco ASA because it enables URL filtering and blocks malicious URLs by default, whereas Cisco FTD does not

Cisco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not

Cisco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not

Cisco FTD because it enables URL filtering and blocks malicious URLs by default, whereas Cisco ASA does not

31. An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically.

What must be configured to accomplish this?

Configure the Cisco WSA to modify policies based on the traffic seen

Configure the Cisco ESA to receive real-time updates from Talos

Configure the Cisco WSA to receive real-time updates from Talos

Configure the Cisco ESA to modify policies based on the traffic seen

32. Which parameter is required when configuring a Netflow exporter on a Cisco Router?

DSCP value

Source interface

Exporter name

Exporter description

33. Refer to the exhibit.

A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced.

What is the cause of this issue?

The key was configured in plain text.

NTP authentication is not enabled.

The hashing algorithm that was used was MD5. which is unsupported.

The router was not rebooted after the NTP configuration updated.

34. What is a characteristic of a bridge group in ASA Firewall transparent mode?

It includes multiple interfaces and access rules between interfaces are customizable

It is a Layer 3 segment and includes one port and customizable access rules

It allows ARP traffic with a single access rule

It has an IP address on its BVI interface and is used for management traffic

35. Refer to the exhibit.

An organization is using DHCP Snooping within their network. A user on VLAN 41 on a new switch is complaining that an IP address is not being obtained.

Which command should be configured on the switch interface in order to provide the user with network connectivity?

ip dhcp snooping verify mac-address

ip dhcp snooping limit 41

ip dhcp snooping vlan 41

ip dhcp snooping trust

36. Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization?

RADIUS-based REAP

fingerprinting

Dynamic ARP Inspection

multifactor authentication

37. When choosing an algorithm to us, what should be considered about Diffie Hellman and RSA for key establishment?

RSA is an asymmetric key establishment algorithm intended to output symmetric keys

RSA is a symmetric key establishment algorithm intended to output asymmetric keys

DH is a symmetric key establishment algorithm intended to output asymmetric keys

DH is on asymmetric key establishment algorithm intended to output symmetric keys

38. An organization wants to improve its cybersecurity processes and to add intelligence to its data. The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA.

What must be done to accomplish these objectives?

Create a Cisco pxGrid connection to NIST to import this information into the security products for policy use

Create an automated download of the Internet Storm Center intelligence feed into the Cisco FTD and Cisco WSA databases to tie to the dynamic access control policies.

Download the threat intelligence feed from the IETF and import it into the Cisco FTD and Cisco WSA databases

Configure the integrations with Talos Intelligence to take advantage of the threat intelligence that it provides.

39. What are two functionalities of SDN Northbound APIs? (Choose two.)

Northbound APIs provide a programmable interface for applications to dynamically configure the network.

Northbound APIs form the interface between the SDN controller and business applications.

OpenFlow is a standardized northbound API protocol.

Northbound APIs use the NETCONF protocol to communicate with applications.

Northbound APIs form the interface between the SDN controller and the network switches or routers.

40. A company is experiencing exfiltration of credit card numbers that are not being stored on-premise. The company needs to be able to protect sensitive data throughout the full environment.

Which tool should be used to accomplish this goal?

Security Manager

Cloudlock

Web Security Appliance

Cisco ISE

41. Which two actions does the Cisco Identity Services Engine posture module provide that ensures endpoint security? (Choose two.)

Assignments to endpoint groups are made dynamically, based on endpoint attributes.

Endpoint supplicant configuration is deployed.

A centralized management solution is deployed.

Patch management remediation is performed.

The latest antivirus updates are applied before access is allowed.

42. An engineer integrates Cisco FMC and Cisco ISE using pxGrid.

Which role is assigned for Cisco FMC?

client

server

controller

publisher

43. Which posture assessment requirement provides options to the client for remediation and requires the remediation within a certain timeframe?

Audit

Mandatory

Optional

Visibility

44. How does DNS Tunneling exfiltrate data?

An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection.

An attacker opens a reverse DNS shell to get into the client’s system and install malware on it.

An attacker uses a non-standard DNS port to gain access to the organization’s DNS servers in order to poison the resolutions.

An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain.

45. Which Cisco security solution determines if an endpoint has the latest OS updates and patches installed on the system?

Cisco Endpoint Security Analytics

Cisco AMP for Endpoints

Endpoint Compliance Scanner

Security Posture Assessment Service

46. When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN configuration as opposed to DMVPN?

Multiple routers or VRFs are required.

Traffic is distributed statically by default.

Floating static routes are required.

HSRP is used for faliover.

47. What is the purpose of the certificate signing request when adding a new certificate for a server?

It is the password for the certificate that is needed to install it with.

It provides the server information so a certificate can be created and signed

It provides the certificate client information so the server can authenticate against it when installing

It is the certificate that will be loaded onto the server

48. What are two functionalities of northbound and southbound APIs within Cisco SDN architecture? (Choose two.)

Southbound APIs are used to define how SDN controllers integrate with applications.

Southbound interfaces utilize device configurations such as VLANs and IP addresses.

Northbound APIs utilize RESTful API methods such as GET, POST, and DELET

Southbound APIs utilize CLI, SNMP, and RESTCON

Northbound interfaces utilize OpenFlow and OpFlex to integrate with network devices.

49. Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?

westbound AP

southbound API

northbound API

eastbound API

50. Which Cisco WSA feature supports access control using URL categories?

transparent user identification

SOCKS proxy services

web usage controls

user session restrictions

51. Which two parameters are used for device compliance checks? (Choose two.)

endpoint protection software version

Windows registry values

DHCP snooping checks

DNS integrity checks

device operating system version

52. Refer to the exhibit.

What is the function of the Python script code snippet for the Cisco ASA REST API?

adds a global rule into policies

changes the hostname of the Cisco ASA

deletes a global rule from policies

obtains the saved configuration of the Cisco ASA firewall

53. Which factor must be considered when choosing the on-premise solution over the cloud-based one?

With an on-premise solution, the provider is responsible for the installation and maintenance of the product, whereas with a cloud-based solution, the customer is responsible for it

With a cloud-based solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.

With an on-premise solution, the provider is responsible for the installation, but the customer is responsible for the maintenance of the product.

With an on-premise solution, the customer is responsible for the installation and maintenance of the product, whereas with a cloud-based solution, the provider is responsible for it.

54. An engineer is implementing Cisco CES in an existing Microsoft Office 365 environment and must route inbound email to Cisco CE.. record must be modified to accomplish this task?

CNAME

MX

SPF

DKIM

55. Refer to the exhibit.

A Cisco ISE administrator adds a new switch to an 802.1X deployment and has difficulty with some endpoints gaining access.

Most PCs and IP phones can connect and authenticate using their machine certificate credentials.

However printer and video cameras cannot base d on the interface configuration provided, what must be to get these devices on to the network using Cisco ISE for authentication and authorization while maintaining security controls?

Change the default policy in Cisco ISE to allow all devices not using machine authentication.

Enable insecure protocols within Cisco ISE in the allowed protocols configuration.

Configure authentication event fail retry 2 action authorize vlan 41 on the interface

Add mab to the interface configuration.

56. What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two)

When the Cisco WSA is running in transparent mode, it uses the WSA’s own IP address as the HTTP request destination.

The Cisco WSA responds with its own IP address only if it is running in explicit mode.

The Cisco WSA is configured in a web browser only if it is running in transparent mode.

The Cisco WSA uses a Layer 3 device to redirect traffic only if it is running in transparent mode.

The Cisco WSA responds with its own IP address only if it is running in transparent mode.

57. What is a difference between Cisco AMP for Endpoints and Cisco Umbrella?

Cisco AMP for Endpoints is a cloud-based service, and Cisco Umbrella is not.

Cisco AMP for Endpoints prevents connections to malicious destinations, and C malware.

Cisco AMP for Endpoints automatically researches indicators of compromise ..

Cisco AMP for Endpoints prevents, detects, and responds to attacks before and against Internet threats.

58. Which endpoint solution protects a user from a phishing attack?

Cisco Identity Services Engine

Cisco AnyConnect with ISE Posture module

Cisco AnyConnect with Network Access Manager module

Cisco AnyConnect with Umbrella Roaming Security module

59. What does Cisco AMP for Endpoints use to help an organization detect different families of malware?

Ethos Engine to perform fuzzy fingerprinting

Tetra Engine to detect malware when me endpoint is connected to the cloud

Clam AV Engine to perform email scanning

Spero Engine with machine learning to perform dynamic analysis

60. When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for.

What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?

The key server that is managing the keys for the connection will be at 1.2.3.4

The remote connection will only be allowed from 1.2.3.4

The address that will be used as the crypto validation authority

All IP addresses other than 1.2.3.4 will be allowed

61. A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organization to allow for additional protocols to terminate network devices with. They currently only have one policy established and need the new policy to be a backup in case some devices cannot support the stronger algorithms listed in the primary policy.

What should be done in order to support this?

Change the integrity algorithms to SHA* to support all SHA algorithms in the primary policy

Make the priority for the new policy 5 and the primary policy 1

Change the encryption to AES* to support all AES algorithms in the primary policy

Make the priority for the primary policy 10 and the new policy 1

62. Why should organizations migrate to an MFA strategy for authentication?

Single methods of authentication can be compromised more easily than MF

Biometrics authentication leads to the need for MFA due to its ability to be hacked easily.

MFA methods of authentication are never compromised.

MFA does not require any piece of evidence for an authentication mechanism.

63. What is an advantage of network telemetry over SNMP pulls?

accuracy

encapsulation

security

scalability

64. How does Cisco Advanced Phishing Protection protect users?

It validates the sender by using DKI

It determines which identities are perceived by the sender

It utilizes sensors that send messages securely.

It uses machine learning and real-time behavior analytics.

65. What is an attribute of the DevSecOps process?

mandated security controls and check lists

security scanning and theoretical vulnerabilities

development security

isolated security team

66. Which attack type attempts to shut down a machine or network so that users are not able to access it?

smurf

bluesnarfing

MAC spoofing

IP spoofing

67. A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network.

Which two actions should be selected to allow the traffic to pass without inspection? (Choose two)

permit

trust

reset

allow

monitor

68. Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)

virtualization

middleware

operating systems

applications

data

69. A user has a device in the network that is receiving too many connection requests from multiple machines.

Which type of attack is the device undergoing?

phishing

slowloris

pharming

SYN flood

70. Which risk is created when using an Internet browser to access cloud-based service?

misconfiguration of infrastructure, which allows unauthorized access

intermittent connection to the cloud connectors

vulnerabilities within protocol

insecure implementation of API

71. Which IETF attribute is supported for the RADIUS CoA feature?

24 State

30 Calling-Station-ID

42 Acct-Session-ID

81 Message-Authenticator

72. What is a difference between DMVPN and sVTI?

DMVPN supports tunnel encryption, whereas sVTI does not.

DMVPN supports dynamic tunnel establishment, whereas sVTI does not.

DMVPN supports static tunnel establishment, whereas sVTI does not.

DMVPN provides interoperability with other vendors, whereas sVTI does not.

73. Which type of protection encrypts RSA keys when they are exported and imported?

file

passphrase

NGE

nonexportable

74. What are the two types of managed Intercloud Fabric deployment models? (Choose two)

Service Provider managed

Public managed

Hybrid managed

User managed

Enterprise managed

75. What is the difference between Cross-site Scripting and SQL Injection, attacks?

Cross-site Scripting is an attack where code is injected into a database, whereas SQL Injection is an attack where code is injected into a browser.

Cross-site Scripting is a brute force attack targeting remote sites, whereas SQL Injection is a social engineering attack.

Cross-site Scripting is when executives in a corporation are attacked, whereas SQL Injection is when a database is manipulated.

Cross-site Scripting is an attack where code is executed from the server side, whereas SQL Injection is an attack where code is executed from the client side.

76. What are two things to consider when using PAC files with the Cisco WSA? (Choose two.)

If the WSA host port is changed, the default port redirects web traffic to the correct port automatically.

PAC files use if-else statements to determine whether to use a proxy or a direct connection for traffic between the PC and the host.

The WSA hosts PAC files on port 9001 by default.

The WSA hosts PAC files on port 6001 by default.

By default, they direct traffic through a proxy when the PC and the host are on the same subnet.

77. Which system performs compliance checks and remote wiping?

MDM

ISE

AMP

OTP

78. Which type of algorithm provides the highest level of protection against brute-force attacks?

PFS

HMAC

MD5

SHA

79. What features does Cisco FTDv provide over ASAv?

Cisco FTDv runs on VMWare while ASAv does not

Cisco FTDv provides 1GB of firewall throughput while Cisco ASAv does not

Cisco FTDv runs on AWS while ASAv does not

Cisco FTDv supports URL filtering while ASAv does not

80. DRAG DROP

Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.