350-701 VOL3 Question

1

• 350-701 Implementing and Operating Cisco Security
  Core Technologies VOL3
• QUESTION NO 1
• How does Cisco Umbrella provide security without
  negatively impacting network latency or the
  performance of endpoint?
• Umbrella resolves DNS queries based on Cisco
  Talos global threat intelligence.
• Umbrella performs deep packet inspection based on
  Threat Grid, for retrospective security
  capabilities.
• Umbrella proxies all traffic through the global
  Cisco security cloud using anycast routing
• Umbrella utilizes firewall proxies, and notifies
  the firewall when to block outbound connections
  for at-risk traffic.
• Answer A

• QUESTION NO 2
• Which of the following describe ways that a Cloud
  Access Security Broker (CASB) solution can
  provide cloud application security without being
  involved in the actual data path? (Select two.)
• CASB solutions provide logging and event data
  about the cloud application, as well as user
  activity
• CASB solutions leverage API calls between the
  broker and the cloud applications
• CASB solutions redirect users to secure
  HTTPSbased authentication portals
• CASB solutions negotiate encryption suites
  between the cloud application and the user
  interface.
• Answer A, B

• QUESTION NO 3
• How does the Cisco Umbrella solution provide
  enterprise-wide security services in as little as
  a few minutes?
• Through the use of Cisco Meraki Systems Manager,
  where users can instantly push the Umbrella
  Roaming Client to all mobile clients both on and
  off premises.
• By updating user configurations for DNS
  resolution endpoints will be immediately
  protected using the default global protection
  policy.
• By configuring the perimeter firewall to forward
  client DNS requests to Cisco Umbrella. In doing
  this, all endpoints on the corporate network will
  be protected.
• By registering the publicly owned IP space and
  domain name with the Cisco Umbrella intelligent
  proxy

2
Answer B

• QUESTION NO 4
• Which of the following describe benefits of the
  Cisco AMP product? (Select two)
• AMP detects and tracks malware attacks and
  provides remediation support against these
  persistent attacks.
• AMP can automatically discover elements on the
  network.
• AMP provides advanced Intrusion Prevention
  capabilities.
• AMP can control outbreaks in the network through
  the use of custom detection capabilities.
• Answer A, D

• QUESTION NO 5
• Which of the following application layer
  preprocessor on the Cisco Firepower platform is
  responsible for decoding and normalizing
  web-based requests sent using HTTP and the
  associated responses received from web servers?
• DNS Preprocessor
• HTTP Inspect Preprocessor
• Web Preprocessor
• SSL Preprocessor
• Answer B

• QUESTION NO 6
• Which of the following application layer
  preprocessor on the Cisco Firepower platform is
  used to examine encrypted traffic to detect
  attempts to exploit the Heartbleed bug and to
  generate events when dete4cted?
• DCE/RPC Preprocessor
• GTP Preprocessor
• HTTPS Preprocessor
• SSL Preprocessor
• Answer D

3

• QUESTION NO 7
• Which of the following can be manage by the Cisco
  Firepower Management Center? (Select three)
• Cisco ASA series
• Cisco 7000 and 8000 series
• ASA Firepower modules
• NGIPSv devices
• Cisco IOS routers
• Answer B, C, D

• QUESTION NO 8
• You want to implement AAA on a Cisco router to
  centrally manage the authentication and
  authorization controls. What is typically the
  first global command used to do this and is
  mandatory?
• aaa new-model
• aaa enable
• aaa server-group
• aaa authentication login
• Answer A

• QUESTION NO 9
• Which of the following statements regarding the
  Cisco Firepower NGIPS in passive deployment mode
  is true?
• A switch port configured as a SPAN or mirror is
  needed
• It can take actions such as blocking and shaping
  traffic
• It is deployed in band with the flow of traffic
• Traffic on a passive IPS interface is
  retransmitted
• Answer A

• QUESTION NO 10
• Which of the following Cisco devices can be
  managed by Cisco Security Manager? (Select three)
• Cisco ASA 5500 series
• Cisco IOS routers

4

• Cisco Email Security Appliance (ESA)
• Cisco IPS 4200 series
• Cisco AnyConnect Secure Mobility Client
• Answer A, D, E

• QUESTION NO 11
• Which of the following describes the Cisco
  next-generation NAC product that is used to
  manage endpoints, users, and devices within a
  zero-trust architecture?
• Cisco Firepower
• Cisco Umbrella
• Cisco ISE
• Cisco AMP
• Answer C

• QUESTION NO 12
• Which of the following should be implemented to
  prevent ethernet interfaces from being saturated
  by broadcast traffic?
• Dynamic ARP inspection
• DHCO snooping
• BPDU Guard
• Strom Control
• Answer D

• QUESTION NO 13
• Which of the following features of the Cisco
  Firepower solution uses reputation intelligence
  to block connections to or from IP addresses,
  URLs, and domain names?
• Stateful Inspection
• Security Intelligence
• Threat Intelligence
• Cisco TALOS
• Answer B

5

• QUESTION NO 14
• When you integrate a Cisco ISE to an existing
  Active Directory one of the prerequisites is that
  the Cisco ISE sever and the Active Directory is
  synced using NTP. What is the maximum allowed
  time difference between these two devices?
• 5 ms
• 1 minute
• 5 minutes
• 10 minutes
• Answer C

• QUESTION NO 15
• You want to synchronize the time on router R1
  with an IP address of 10.10.10.1 to router R2,
  which is an NTP server with an IP address
  10.100.100.1 You also want to use md5
  authentication to do this. The following
  commands were issued on both R1 and R2
• ntp authentication-key 5 md5 Ciscoauth.
• What else needs to be configured on router R1?
• A. ntp server 10.10.10.1 key 5
• B. ntp peer 10.100.100.1 key 5
• ntp server 10.100.100.1 key 5
• ntp peer 10.10.10.1 key 5
• Answer C

• QUESTION NO 16
• Which of the following statements are true
  regarding stateful and stateless packet filtering
  in a Cisco ASA firepower?
• Stateful packet filtering supports link state
  routing protocols such as OPSF and IS-IS.
• Stateful packet filtering tracks communication
  settings in a state table.
• Only stateless packet filtering can be configured
  using access control lists
• Only stateful packet filtering can be used for
  intrusion prevention.
• Answer B

6

• QUESTION NO 17
• Which of the following terms is used to describe
  a software weakness that compromises its
  functionality?
• exploit
• threat
• risk
• vulnerability
• Answer D

• QUESTION NO 18
• Which of the following malware types is typically
  used to create back doors to give malicious
  users access to a system?
• Virus
• Worm
• Trojan Horse
• Man-in-the-middle
• Answer C

• QUESTION NO19
• Which of the following is a technique that
  utilizes port 53 to exfiltrate data and can be
  used for command-and-control callbacks?
• DNS Security
• DNS Tunneling
• MacSec
• AAAA tunneling
• Answer B

• QUESTION NO 20
• What is the name of the Cisco branded Cloud
  Access Security Broker (CASB) product offering?
• Cloudlock
• Umbrella
• Firepower
• Stealthwatch

7
E. pxGrid Answer A