Make success possible with our Latest and Unique CCNP Security 350-701 Practice Exam!
Name: Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)
Exam Code: 350-701
Certification: CCNP Security
Vendor: Cisco
Total Questions: 726
Last Updated: November 13, 2025
279 Satisfied Customers
Success is simply the result of the efforts you put into the preparation. We at Dumpsgroup wish to make that preparation a lot easier. The Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) 350-701 Practice Exam we offer is solely for best results. Our IT experts put in their blood and sweat into carefully selecting and compiling these unique Practice Questions. So, you can achieve your dreams of becoming a CCNP Security professional. Now is the time to press that big buy button and take the first step to a better and brighter future.
Passing the Cisco 350-701 exam is simpler if you have globally valid resources and Dumpsgroup provides you just that. Millions of customers come to us daily, leaving the platform happy and satisfied. Because we aim to provide you with CCNP Security Practice Questions aligned with the latest patterns of the Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Exam. And not just that, our reliable customer services are 24 hours at your beck and call to support you in every way necessary. Order now to see the 350-701 Exam results you always desired.
You must have heard about candidates failing in a large quantity and perhaps tried yourself and fail to pass Implementing and Operating Cisco Security Core Technologies (SCOR 350-701). It is best to try Dumpsgroup’s 350-701 Practice Questions this time around. Dumpsgroup not only provides an authentic, valid, and accurate resource for your preparation. They simplified the training by dividing it into two different formats for ease and comfort. Now you can get the Cisco 350-701 in both PDF and Online Test Engine formats. Choose whichever or both to start your CCNP Security certification exam preparation.
Furthermore, Dumpsgroup gives a hefty percentage off on these Spoto 350-701 Practice Exam by applying a simple discount code; when the actual price is already so cheap. The updates for the first three months, from the date of your purchase, are FREE. Our esteemed customers cannot stop singing praises of our Cisco 350-701 Practice Questions. That is because we offer only the questions with the highest possibility of appearing in the actual exam. Download the free demo and see for yourself.
We know you have been struggling to compete with your colleagues in your workplace. That is why we provide the 350-701 Practice Questions to let you gain the upper hand that you always wanted. These questions and answers are a thorough guide in a simple and exam-like format! That makes understanding and excelling in your field way lot easier. Our aim is not just to help to pass the CCNP Security Exam but to make a Cisco professional out of you. For that purpose, our 350-701 Practice Exams are the best choice.
There are many resources available online for the preparation of the Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) Exam. But that does mean that all of them are reliable. When your future as a CCNP Security certified is at risk, you have got to think twice while choosing Cisco 350-701 Practice Questions. Dumpsgroup is not only a verified source of training material but has been in this business for years. In those years, we researched on 350-701 Practice Exam and came up with the best solution. So, you can trust that we know what we are doing. Moreover, we have joined hands with Cisco experts and professionals who are exceptional in their skills. And these experts approved our 350-701 Practice Questions for Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) preparation.
Based on the NIST 800-145 guide, which cloud architecture may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises?
A. hybrid cloud
B. private cloud
C. public cloud
D. community cloud
ANSWER : D
When a Cisco WSA checks a web request, what occurs if it is unable to match a userdefined policy?
A. It blocks the request.
B. It applies the global policy.
C. It applies the next identification profile policy.
D. It applies the advanced policy.
ANSWER : B
Which Cisco ISE feature helps to detect missing patches and helps with remediation?
A. posture assessment
B. profiling policy
C. authentication policy
D. enabling probes
ANSWER : A
For a given policy in Cisco Umbrella, how should a customer block website based on a custom list?
A. by specifying blocked domains in me policy settings
B. by specifying the websites in a custom blocked category
C. by adding the websites to a blocked type destination list
D. by adding the website IP addresses to the Cisco Umbrella blocklist
ANSWER : C
What is the most common type of data exfiltration that organizations currently experience?
A. HTTPS file upload site
B. Microsoft Windows network shares
C. SQL database injections
D. encrypted SMTP
ANSWER : A
What are two functions of IKEv1 but not IKEv2? (Choose two)
A. NAT-T is supported in IKEv1 but rot in IKEv2.
B. With IKEv1, when using aggressive mode, the initiator and responder identities are passed cleartext
C. With IKEv1, mode negotiates faster than main mode
D. IKEv1 uses EAP authentication
E. IKEv1 conversations are initiated by the IKE_SA_INIT message
ANSWER : C,E
An engineer needs to detect and quarantine a file named abc424400664 zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malware Protection (AMP) for Endpoints The configured detection method must work on files of unknown disposition Which Outbreak Control list must be configured to provide this?
A. Blocked Application
B. Simple Custom Detection
C. Advanced Custom Detection
D. Android Custom Detection
ANSWER : C
A large organization wants to deploy a security appliance in the public cloud to form a siteto-site VPN and link the public cloud environment to the private cloud in the headquarters data center. Which Cisco security appliance meets these requirements?
A. Cisco Cloud Orchestrator
B. Cisco ASAV
C. Cisco WSAV
D. Cisco Stealthwatch Cloud
ANSWER : B
An engineer is trying to decide whether to use Cisco Umbrella, Cisco CloudLock, Cisco Stealthwatch, or Cisco AppDynamics Cloud Monitoring for visibility into data transfers as well as protection against data exfiltration Which solution best meets these requirements?
A. Cisco CloudLock
B. Cisco AppDynamics Cloud Monitoring
C. Cisco Umbrella
D. Cisco Stealthwatch
ANSWER : D
Which solution allows an administrator to provision, monitor, and secure mobile devices on Windows and Mac computers from a centralized dashboard?
A. Cisco Umbrella
B. Cisco AMP for Endpoints
C. Cisco ISE
D. Cisco Stealthwatch
ANSWER : C
An organization deploys multiple Cisco FTD appliances and wants to manage them using one centralized solution. The organization does not have a local VM but does have existing Cisco ASAs that must migrate over to Cisco FTDs. Which solution meets the needs of the organization?
A. Cisco FMC
B. CSM
C. Cisco FDM
D. CDO
ANSWER : B
What is the concept of Cl/CD pipelining?
A. The project is split into several phases where one phase cannot start before the
previous phase finishes successfully.
B. The project code is centrally maintained and each code change should trigger an automated build and test sequence
C. The project is split into time-limited cycles and focuses on pair programming for
continuous code review
D. Each project phase is independent from other phases to maintain adaptiveness and continual improvement
ANSWER : A
Which cloud service offering allows customers to access a web application that is being hosted, managed, and maintained by a cloud service provider?
A. IaC
B. SaaS
C. IaaS
D. PaaS
ANSWER : B
Which cloud service offering allows customers to access a web application that is being hosted, managed, and maintained by a cloud service provider?
A. IaC
B. SaaS
C. IaaS
D. PaaS
ANSWER : B
An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one?
A. Configure the default policy to redirect the requests to the correct policy
B. Place the policy with the most-specific configuration last in the policy order
C. Configure only the policy with the most recently changed timestamp
D. Make the correct policy first in the policy order
ANSWER : D
A company recently discovered an attack propagating throughout their Windows network via a file named abc428565580xyz exe The malicious file was uploaded to a Simple Custom Detection list in the AMP for Endpoints Portal and the currently applied policy for the Windows clients was updated to reference the detection list Verification testing scans on known infected systems shows that AMP for Endpoints is not detecting the presence of this file as an indicator of compromise What must be performed to ensure detection of the malicious file?
A. Upload the malicious file to the Blocked Application Control List
B. Use an Advanced Custom Detection List instead of a Simple Custom Detection List
C. Check the box in the policy configuration to send the file to Cisco Threat Grid for dynamic analysis
D. Upload the SHA-256 hash for the file to the Simple Custom Detection List
ANSWER : D
Which feature must be configured before implementing NetFlow on a router?
A. SNMPv3
B. syslog
C. VRF
D. IP routing
ANSWER : D
What is a benefit of flexible NetFlow records?
A. They are used for security
B. They are used for accounting
C. They monitor a packet from Layer 2 to Layer 5
D. They have customized traffic identification
ANSWER : D
What is the difference between EPP and EDR?
A. EPP focuses primarily on threats that have evaded front-line defenses that entered the
environment.
B. Having an EPP solution allows an engineer to detect, investigate, and remediate modern threats.
C. EDR focuses solely on prevention at the perimeter.
D. Having an EDR solution gives an engineer the capability to flag offending files at the first sign of malicious behavior.
ANSWER : B
Which API method and required attribute are used to add a device into DNAC with the native API?
A. lastSyncTime and pid
B. POST and name
C. userSudiSerialNos and devicelnfo
D. GET and serialNumber
ANSWER : B
Why should organizations migrate to a multifactor authentication strategy?
A. Multifactor authentication methods of authentication are never compromised
B. Biometrics authentication leads to the need for multifactor authentication due to its ability to be hacked easily
C. Multifactor authentication does not require any piece of evidence for an authentication mechanism
D. Single methods of authentication can be compromised more easily than multifactor authentication
ANSWER : D
What is a benefit of using GET VPN over FlexVPN within a VPN deployment?
A. GET VPN supports Remote Access VPNs
B. GET VPN natively supports MPLS and private IP networks
C. GET VPN uses multiple security associations for connections
D. GET VPN interoperates with non-Cisco devices
ANSWER : B
An engineer recently completed the system setup on a Cisco WSA Which URL information does the system send to SensorBase Network servers?
A. Summarized server-name information and MD5-hashed path information
B. complete URL,without obfuscating the path segments
C. URL information collected from clients that connect to the Cisco WSA using Cisco
AnyConnect
D. none because SensorBase Network Participation is disabled by default
ANSWER : B
An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE Which action accomplishes this task?
A. Define MAC-to-lP address mappings in the switch to ensure that rogue devices cannot
get an IP address
B. Use DHCP option 82 to ensure that the request is from a legitimate endpoint and send the information to Cisco ISE
C. Modify the DHCP relay and point the IP address to Cisco ISE.
D. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces
ANSWER : D
Which threat intelligence standard contains malware hashes?
A. structured threat information expression
B. advanced persistent threat
C. trusted automated exchange or indicator information
D. open command and control
ANSWER : A
Which feature does the laaS model provide?
A. granular control of data
B. dedicated, restricted workstations
C. automatic updates and patching of software
D. software-defined network segmentation
ANSWER : C
DoS attacks are categorized as what?
A. phishing attacks
B. flood attacks
C. virus attacks
D. trojan attacks
ANSWER : B
Which ESA implementation method segregates inbound and outbound email?
A. one listener on a single physical Interface
B. pair of logical listeners on a single physical interface with two unique logical IPv4 addresses and one IPv6 address
C. pair of logical IPv4 listeners and a pair Of IPv6 listeners on two physically separate interfaces
D. one listener on one logical IPv4 address on a single logical interface
ANSWER : D
DoS attacks are categorized as what?
A. phishing attacks
B. flood attacks
C. virus attacks
D. trojan attacks
ANSWER : B
An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Clsc427128380. There are two routers on the network that are configured as NTP servers for redundancy, 192.168.1.110 and 192.168.1.111. 192.168.1.110 is configured as the authoritative time source. What command must be configured on the new router to use 192.168.1.110 as its primary time source without the new router attempting to offer time to existing devices?
A. ntp server 192.168.1.110 primary key 1
B. ntp peer 192.168.1.110 prefer key 1
C. ntp server 192.168.1.110 key 1 prefer
D. ntp peer 192.168.1.110 key 1 primary
ANSWER : A
Which feature requires that network telemetry be enabled?
A. per-interface stats
B. SNMP trap notification
C. Layer 2 device discovery
D. central syslog system
ANSWER : D
What is a function of Cisco AMP for Endpoints?
A. It detects DNS attacks
B. It protects against web-based attacks
C. It blocks email-based attacks
D. It automates threat responses of an infected host
ANSWER : D
An engineer musí set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?
A. sticky
B. static
C. aging
D. maximum
ANSWER : A
Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?
A. NTP
B. syslog
C. SNMP
D. NetFlow
ANSWER : D
Which Cisco solution integrates Encrypted Traffic Analytics to perform enhanced visibility,promote compliance,shorten response times, and provide administrators with the information needed to provide educated and automated decisions to secure the environment?
A. Cisco DNA Center
B. Cisco SDN
C. Cisco ISE
D. Cisco Security Compiance Solution
ANSWER : A
An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this?
A. Advanced Custom Detection
B. Blocked Application
C. Isolation
D. Simple Custom Detection
ANSWER : B
A company identified a phishing vulnerability during a pentest What are two ways the company can protect employees from the attack? (Choose two.)
A. using Cisco Umbrella
B. using Cisco ESA
C. using Cisco FTD
D. using an inline IPS/IDS in the network
E. using Cisco ISE
ANSWER : A,B
Which Cisco security solution stops exfiltration using HTTPS?
A. Cisco FTD
B. Cisco AnyConnect
C. Cisco CTA
D. Cisco ASA
ANSWER : C
What is the term for the concept of limiting communication between applications or containers on the same node?
A. container orchestration
B. software-defined access
C. microservicing
D. microsegmentation
ANSWER : D
What is the purpose of a NetFlow version 9 template record?
A. It specifies the data format of NetFlow processes.
B. It provides a standardized set of information about an IP flow.
C. lt defines the format of data records.
D. It serves as a unique identification number to distinguish individual data records
ANSWER : C
Which function is performed by certificate authorities but is a limitation of registration authorities?
A. accepts enrollment requests
B. certificate re-enrollment
C. verifying user identity
D. CRL publishing
ANSWER : C
Which algorithm is an NGE hash function?
A. HMAC
B. SHA-1
C. MD5
D. SISHA-2
ANSWER : D
What is the process In DevSecOps where all changes In the central code repository are merged and synchronized?
A. CD
B. EP
C. CI
D. QA
ANSWER : C
During a recent security audit a Cisco IOS router with a working IPSEC configuration using IKEv1 was flagged for using a wildcard mask with the crypto isakmp key command The VPN peer is a SOHO router with a dynamically assigned IP address Dynamic DNS has been configured on the SOHO router to map the dynamic IP address to the host name of vpn sohoroutercompany.com In addition to the command crypto isakmp key Cisc425007536 hostname vpn.sohoroutercompany.com what other two commands are now required on the Cisco IOS router for the VPN to continue to function after the wildcard command is removed? (Choose two)
A. ip host vpn.sohoroutercompany.eom
B. crypto isakmp identity hostname
C. Add the dynamic keyword to the existing crypto map command
D. fqdn vpn.sohoroutercompany.com
E. ip name-server
ANSWER : C,E
Which open standard creates a framework for sharing threat intelligence in a machinedigestible format?
A. OpenC2
B. OpenlOC
C. CybOX
D. STIX
ANSWER : D
Which command is used to log all events to a destination colector 209.165.201.107?
A. CiscoASA(config-pmap-c)#flow-export event-type flow-update destination
209.165.201.10
B. CiscoASA(config-cmap)# flow-export event-type all destination 209.165.201.
C. CiscoASA(config-pmap-c)#flow-export event-type all destination 209.165.201.10
D. CiscoASA(config-cmap)#flow-export event-type flow-update destination 209.165.201.10
ANSWER : C
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.)
A. REST uses methods such as GET, PUT, POST, and DELETE.
B. REST codes can be compiled with any programming language.
C. REST is a Linux platform-based architecture.
D. The POST action replaces existing data at the URL path.
E. REST uses HTTP to send a request to a web service.
ANSWER : A,E
Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS
Server-2 must communicate with each other, and all servers must communicate with
default gateway multilayer switch. Which type of private VLAN ports should be configured
to prevent communication between DNS servers and the file server?
A. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as isolated port,
and GigabitEthernet0/3 and GigabitEthernet0/4 as promiscuous ports.
B. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as promiscuous port, Gigabit Ethernet0/3 and GigabitEthernet0/4 as isolated ports C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as isolated port and GigabitEthernet0/3 and GrgabitEthernet0/4 as community ports
C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as community port, and GigabitEthernet0/3 and GrgabitEthernet0/4 as isolated ports.
ANSWER : C
Which security solution is used for posture assessment of the endpoints in a BYOD solution?
A. Cisco FTD
B. Cisco ASA
C. Cisco Umbrella
D. Cisco ISE
ANSWER : D
What are two benefits of using Cisco Duo as an MFA solution? (Choose two.)
A. grants administrators a way to remotely wipe a lost or stolen device
B. provides simple and streamlined login experience for multiple applications and users
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments
D. encrypts data that is stored on endpoints
E. allows for centralized management of endpoint device applications and configurations
ANSWER : B,C
Which two capabilities does an MDM provide? (Choose two.)
A. delivery of network malware reports to an inbox in a schedule
B. unified management of mobile devices, Macs, and PCs from a centralized dashboard
C. enforcement of device security policies from a centralized dashboard
D. manual identification and classification of client devices
E. unified management of Android and Apple devices from a centralized dashboard
ANSWER : B,C
Refer to the exhibit. What function does the API key perform while working with
https://api.amp.cisco.com/v1/computers?
A. imports requests
B. HTTP authorization
C. HTTP authentication
D. plays dent ID
ANSWER : C
Refer to the exhibit. What is the result of using this authentication protocol in the
configuration?
A. The authentication request contains only a username.
B. The authentication request contains only a password.
C. There are separate authentication and authorization request packets.
D. The authentication and authorization requests are grouped in a single packet.
ANSWER : D
How does Cisco AMP for Endpoints provide next-generation protection?
A. It encrypts data on user endpoints to protect against ransomware.
B. It leverages an endpoint protection platform and endpoint detection and response.
C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers.
D. It integrates with Cisco FTD devices.
ANSWER : B
Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?
A. AAA attributes
B. CoA request
C. AV pair
D. carrier-grade NAT
ANSWER : C
An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?
A. EAPOL
B. SSH
C. RADIUS
D. TACACS+
ANSWER : D
What is the purpose of the Cisco Endpoint loC feature?
A. It provides stealth threat prevention.
B. lt is a signature-based engine.
C. lt is an incident response tool
D. It provides precompromise detection.
ANSWER : C
What is a characteristic of an EDR solution and not of an EPP solution?
A. stops all ransomware attacks
B. retrospective analysis
C. decrypts SSL traffic for better visibility
D. performs signature-based detection
ANSWER : B
Which open standard creates a framework for sharing threat intelligence in a machinedigestible format?
A. OpenC2
B. OpenlOC
C. CybOX
D. STIX
ANSWER : D
Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two)
A. posture assessment
B. aaa authorization exec default local
C. tacacs-server host 10.1.1.250 key password
D. aaa server radius dynamic-author
E. CoA
ANSWER : D,E
What are two workloaded security models? (Choose two)
A. SaaS
B. IaaS
C. on-premises
D. off-premises
E. PaaS
ANSWER : C,D
Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter?
A. Defang
B. Quarantine
C. FilterAction
D. ScreenAction
ANSWER : A
Refer to the exhibit When configuring this access control rule in Cisco FMC, what happens
with the traffic destined to the DMZjnside zone once the configuration is deployed?
A. All traffic from any zone to the DMZ_inside zone will be permitted with no further
inspection
B. No traffic will be allowed through to the DMZ_inside zone regardless of if it's trusted or not
C. All traffic from any zone will be allowed to the DMZ_inside zone only after inspection
D. No traffic will be allowed through to the DMZ_inside zone unless it's already trusted
ANSWER : A
A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)
A. Segment different departments to different IP blocks and enable Dynamic ARp
inspection on all VLANs
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
C. Ensure that a user cannot enter the network of another department.
D. Perform a posture check to allow only network access to (hose Windows devices that are already patched.
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW. ni
ANSWER : B,D
Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two.)
A. It must include the current date.
B. It must reside in the trusted store of the WSA.
C. It must reside in the trusted store of the endpoint.
D. It must have been signed by an internal CA.
E. it must contain a SAN.
ANSWER : A,B
What is a benefit of using Cisco Umbrella?
A. DNS queries are resolved faster.
B. Attacks can be mitigated before the application connection occurs.
C. Files are scanned for viruses before they are allowed to run.
D. It prevents malicious inbound traffic.
ANSWER : B
When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources?
A. CDP
B. NTP
C. syslog
D. DNS
ANSWER : B
Which capability is provided by application visibility and control?
A. reputation filtering
B. data obfuscation
C. data encryption
D. deep packet inspection
ANSWER : D
Which Cisco DNA Center RESTful PNP API adds and claims a device into a workflow?
A. api/v1/fie/config
B. api/v1/onboarding/pnp-device/import
C. api/v1/onboarding/pnp-device
D. api/v1/onboarding/workflow
ANSWER : B
Which Cisco Firewall solution requires zone definition?
A. CBAC
B. Cisco AMP
C. ZBFW
D. Cisco ASA
ANSWER : C
How does Cisco Workload Optimization portion of the network do EPP solutions solely performance issues?
A. It deploys an AWS Lambda system
B. It automates resource resizing
C. It optimizes a flow path
D. It sets up a workload forensic score
ANSWER : B
Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files?
A. Configure an advanced custom detection list.
B. Configure an IP Block & Allow custom detection list
C. Configure an application custom detection list
D. Configure a simple custom detection list
ANSWER : A
Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two.)
A. NTLMSSP
B. Kerberos
C. CHAP
D. TACACS+
E. RADIUS
ANSWER : A,B
Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack?
A. Link Aggregation
B. Reverse ARP
C. private VLANs
D. Dynamic ARP Inspection
ANSWER : D
Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter?
A. Defang
B. Quarantine
C. FilterAction
D. ScreenAction
ANSWER : B
An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data?
A. It is included m the license cost for the multi-org console of Cisco Umbrella
B. It can grant third-party SIEM integrations write access to the S3 bucket
C. No other applications except Cisco Umbrella can write to the S3 bucket
D. Data can be stored offline for 30 days.
ANSWER : D
What are two benefits of using an MDM solution? (Choose two.)
A. grants administrators a way to remotely wipe a lost or stolen device
B. provides simple and streamlined login experience for multiple applications and users
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments
D. encrypts data that is stored on endpoints
E. allows for centralized management of endpoint device applications and configurations
ANSWER : A,E
What does endpoint isolation in Cisco AMP for Endpoints security protect from?
A. an infection spreading across the network E
B. a malware spreading across the user device
C. an infection spreading across the LDAP or Active Directory domain from a user account
D. a malware spreading across the LDAP or Active Directory domain from a user account
ANSWER : C
Which API method and required attribute are used to add a device into Cisco DNA Center with the native API?
A. GET and serialNumber
B. userSudiSerlalNos and deviceInfo
C. POST and name
D. lastSyncTime and pid
ANSWER : A
An engineer is configuring Dropbox integration with Cisco Cloudlock. Which action must be taken before granting API access in the Dropbox admin console?
A. Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal.
B. Add Dropbox to the Cisco Cloudlock Authentication and API section in the Cisco Cloudlock portal.
C. Send an API request to Cisco Cloudlock from Dropbox admin portal.
D. Add Cisco Cloudlock to the Dropbox admin portal.
ANSWER : A
What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?
A. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for
Endpoints tracks only URL-based threats.
B. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity
C. AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity.
D. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats.
ANSWER : D
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?
A. Disable the proxy setting on the browser
B. Disable the HTTPS server and use HTTP instead
C. Use the Cisco FTD IP address as the proxy server setting on the browser
D. Enable the HTTPS server for the device platform policy
ANSWER : D
What is the most commonly used protocol for network telemetry?
A. SMTP
B. SNMP
C. TFTP
D. NctFlow
ANSWER : D
Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?
A. supports VMware vMotion on VMware ESXi
B. requires an additional license
C. performs transparent redirection
D. supports SSL decryption
A. supports VMware vMotion on VMware ESXi
B. requires an additional license
C. performs transparent redirection
D. supports SSL decryption
ANSWER : A
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)
A. flow-export event-type
B. policy-map
C. access-list
D. flow-export template timeout-rate 15
E. access-group
ANSWER : A,B
What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support?
A. mobile device management
B. mobile content management
C. mobile application management
D. mobile access management
ANSWER : A
Dumpsgroup is a verified platform for certification preparation. Our expert professionals are working day and night to create the perfect Practice Exam so you can pass your exam with flying colors. We provide only the authentic and valid Practice Questions approved by IT Experts. Start your certification journey now!
www.dumpsgroup.com
support@dumpsgroup.com
1104 Long Street, NY, 11206, USA
Feel free to contact us, we are available 24/7.