[2021] 350-701 All-in-One Exam Guide Practice To your 350-701 Exam!
Preparations of 350-701 Exam 2021 CCNP Security Unlimited 330 Questions
NEW QUESTION 113
What is the role of an endpoint in protecting a user from a phishing attack?
- A. Ensure that antivirus and anti malware software is up to date.
- B. Utilize 802.1X network security to ensure unauthorized access to resources.
- C. Use machine learning models to help identify anomalies and determine expected sending behavior.
- D. Use Cisco Stealthwatch and Cisco ISE Integration.
Answer: C
NEW QUESTION 114
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
- A. DDOS
- B. brute force
- C. tear drop
- D. phishing
- E. man-in-the-middle
Answer: D,E
NEW QUESTION 115
What is the function of SDN southbound API protocols?
- A. to enable the controller to make changes
- B. to allow for the static configuration of control plane applications
- C. to enable the controller to use REST
- D. to allow for the dynamic configuration of control plane applications
Answer: A
Explanation:
NEW QUESTION 116
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work?
- A. NMAP
- B. NetFlow
- C. DHCP
- D. SNMP
Answer: A
Explanation:
Explanation Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint.
NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address.
Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes:
+ EndPointPolicy
+ LastNmapScanCount
+ NmapScanCount
+ OUI
+ Operating-system
Explanation Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling
NEW QUESTION 117
What is a function of 3DES in reference to cryptography?
- A. It creates one-time use passwords.
- B. It encrypts traffic.
- C. It generates private keys.
- D. It hashes files.
Answer: B
NEW QUESTION 118
Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from the left onto the correct definitions on the right.
Answer:
Explanation:
NEW QUESTION 119
Drag and drop the cloud security assessment components from the left onto the definitions on the right.
Answer:
Explanation:
Steps:
NEW QUESTION 120
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices The default management port conflicts with other communications on the network and must be changed What must be done to ensure that all devices can communicate together?
- A. Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices
- B. Set the sftunnel to go through the Cisco FTD
- C. Set the sftunnel port to 8305
- D. Manually change the management port on Cisco FMC and all managed Cisco FTD devices
Answer: A
NEW QUESTION 121
Which capability is exclusive to a Cisco AMP public cloud instance as compared to a private cloud instance?
- A. SPERO detection engine
- B. RBAC
- C. TETRA detection engine
- D. ETHOS detection engine
Answer: D
NEW QUESTION 122
Which Dos attack uses fragmented packets to crash a target machine?
- A. MITM
- B. smurf
- C. teardrop
- D. LAND
Answer: C
NEW QUESTION 123
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?
- A. Configure Directory Harvest Attack Prevention
- B. Bypass LDAP access queries in the recipient access table.
- C. Use Bounce Verification
- D. Configure incoming content filters.
Answer: A
Explanation:
NEW QUESTION 124
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two.)
- A. malware
- B. ARP spoofing
- C. eavesdropping
- D. exploits
- E. denial-of-service attacks
Answer: A,D
NEW QUESTION 125
Configure the Cisco ESA to modify policies based on the traffic seen. What is a benefit of conducting device compliance checks?
- A. It validates if anti-virus software is installed.
- B. It indicates what type of operating system is connecting to the network.
- C. It scans endpoints to determine if malicious activity is taking place.
- D. It detects email phishing attacks.
Answer: A
NEW QUESTION 126 
Refer to the exhibit. Which command was used to generate this output and to show which ports are authenticating with dot1x or mab?
- A. show authentication method
- B. show authentication registrations
- C. show dot1x all
- D. show authentication sessions
Answer: A
NEW QUESTION 127
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used?
- A. Common Security Exploits
- B. Common Vulnerabilities, Exploits and Threats
- C. Common Vulnerabilities and Exposures
- D. Common Exploits and Vulnerabilities
Answer: C
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cve/174/cve-addressed-1741.html
NEW QUESTION 128
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)
- A. malware
- B. ARP spoofing
- C. eavesdropping
- D. exploits
- E. denial-of-service attacks
Answer: A,D
Explanation:
Explanation
Malware means "malicious software", is any software intentionally designed to cause damage to a computer, server, client, or computer network. The most popular types of malware includes viruses, ransomware and spyware. Virus Possibly the most common type of malware, viruses attach their malicious code to clean code and wait to be run.
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.
Spyware is spying software that can secretly record everything you enter, upload, download, and store on your computers or mobile devices. Spyware always tries to keep itself hidden.
An exploit is a code that takes advantage of a software vulnerability or security flaw.
Exploits and malware are two risks for endpoints that are not up to date. ARP spoofing and eavesdropping are attacks against the network while denial-of-service attack is based on the flooding of IP packets.
NEW QUESTION 129
What is the purpose of the My Devices Portal in a Cisco ISE environment?
- A. to provision userless and agentless systems
- B. to request a newly provisioned mobile device
- C. to register new laptops and mobile devices
- D. to manage and deploy antivirus definitions and patches on systems owned by the end user
Answer: B
Explanation:
Explanation
NEW QUESTION 130
Authorized What is a prerequisite when integrating a Cisco ISE server and an AD domain?
- A. Configure a common DNS server.
- B. Synchronize the docks of the Cisco ISE server and the AD server
- C. Place the Cisco ISE server and the AD server in the same subnet.
- D. Configure a common administrator account.
Answer: B
NEW QUESTION 131
Which Cisco product is open, scalable, and built on IETF standards to allow multiple security products from Cisco and other vendors to share data and interoperate with each other?
- A. Platform Exchange Grid
- B. Multifactor Platform Integration
- C. Firepower Threat Defense
- D. Advanced Malware Protection
Answer: A
NEW QUESTION 132
Drag and drop the descriptions from the left onto the correct protocol versions on the right.
Answer:
Explanation:
Explanation
NEW QUESTION 133
Drag and drop the capabilities from the left onto the correct technologies on the right.
Answer:
Explanation:
NEW QUESTION 134
......
Focus on 350-701 All-in-One Exam Guide For Quick Preparation: https://www.actualpdf.com/350-701_exam-dumps.html
Practice To 350-701 - ActualPDF Remarkable Practice On your Implementing and Operating Cisco Security Core Technologies Exam: https://drive.google.com/open?id=15FyUgn5v7DVX7bJYxYT_Y82WhuBFhGJz
