350-701 VOL1 Question - PowerPoint PPT Presentation

About This Presentation
Title:

350-701 VOL1 Question

Description:

350-701 Implementing and Operating Cisco Security Core Technologies VOL1 – PowerPoint PPT presentation

Number of Views:5
Slides: 7
Provided by: toddlisi00
Tags:

less

Transcript and Presenter's Notes

Title: 350-701 VOL1 Question


1
  • 350-701 Implementing and Operating Cisco Security
    Core Technologies VOL1
  • QUESTION NO 1
  • A malicious entity has targeted the CFO of a
    corporation in an attempt to trick that person
    into divulging internal corporate financial
    information. What of the following best describes
    the type of attack that is being executed?
  • phishing
  • whaling
  • spear phishing
  • DDOS
  • Answer B
  • QUESTION NO 2
  • Which of the following can be implemented to
    mitigate the risks associated with targeted
    phishing attacks within a corporation? (Select
    three)
  • URL filtering
  • Secure ACLs on all switches
  • Regular user awareness training
  • Biometric scanning
  • implement an email and spam filtering appliance
  • Answer A, C, E
  • QUESTION NO 3
  • Brute force, man-in-the middle, and
    dictionary-based attacks can all be mitigated by
    implementing which of the following technologies?
  • Access control lists
  • Firewalls at all network segments
  • SPAM filters
  • URL filtering
  • Multifactor authentication
  • Answer E

QUESTION NO 4
2
  • Which of the following statements are true
    regarding IKE main mode and aggressive mode?
  • Main mode uses 8 packets to establish the first
    phase of IKE, aggressive mode uses 4 packets.
  • Main mode uses 6 packets to establish the first
    phase of IKE, aggressive mode uses 3 packets.
  • Main mode uses 4 packets to establish the first
    phase of IKE, aggressive mode uses 8 packets.
  • Main mode uses 3 packets to establish the first
    phase of IKE, aggressive mode uses 6
  • packets.
  • Answer B
  • QUESTION NO 5
  • Which VPN technology is used for mobile users to
    connect from anywhere to corporate resources
    without the need any client application to be
    installed?
  • GET VPN
  • FLEX VPN
  • SSL VPN
  • Cisco Anyconnect VPN
  • Answer C
  • QUESTION NO 6
  • Which Cisco based group researches and collects
    security related threats, published articles on
    cybersecurity, and offers comprehensive threat
    intelligence?
  • Talos
  • PSIRT
  • TrustSec
  • Cisco ISE
  • Answer A

QUESTION NO 7 In a Software Defined Networking
(SDN), what is used to describe the API
communication between the SDN controller and the
network elements (routers and switches) that it
manages? A. Southbound API
3
  • Northbound API
  • Westbound API
  • Eastbound API.
  • Answer A
  • QUESTION NO 8
  • You have configured a Cisco ASA device in
    multiple context mode. Which of the following are
    true regarding multiple context implementations
    on an ASA? (Select two)
  • Only static routes are supported
  • VPN configurations are supported
  • Multicast is supported
  • The admin context is used to configure and
    administer the other contexts.
  • Answer A, D
  • QUESTION NO 9
  • While troubleshooting an 802.1x implementation,
    the following output was seen
  • Interface PAE Client Status
  • Gi 0/1 AUTH 000d.bcef.bfdc AUTHORIZED
  • Which command was issued to generate this output?
  • show dot1x
  • show dot1x all
  • show dot1x all summary
  • show dot1x interface Gi 0/1
  • Answer C

QUESTION NO 10
Netflow version 9 has been implemented on a Cisco
ASA. Event Logging (NSEL) Event IDs (Select
three)
What are the valid NetFlow Secure
  1. Flow was allowed
  2. Flow was denied
  3. Flow was created

4
D. Flow was deleted E. Flow error
occurred Answer B, C, D
  • QUESTION NO 11
  • Which of the following are the responsibility of
    the customer in a cloud-based Platform as a
    Service (PaaS) offering? (Choose two)
  • Application
  • Data
  • Middleware
  • Operating System
  • Virtualization
  • Answer A, B
  • QUESTION NO 12
  • Which of the following are the responsibility of
    the customer in a cloud-based Software as a
    Service (SaaS) offering?
  • Application
  • Data
  • Middleware
  • None of the above
  • Answer D
  • QUESTION NO 13
  • Which of the following scenarios would most
    likely result in Company A choosing the deploy a
  • hybrid cloud model?
  • Company A has stringent security requirements and
    wants all data to remain within their network.
  • Company A just allocated a large number of
    resources and networking equipment within their
    data center.
  • Company A is concerned about security, but
    understands that some data can leave their
    network in order to increase efficiency.
  • Company A has little to no staff that is capable
    of managing networking or data center equipment

5
Answer C
  • QUESTION NO 14
  • Which of the following are benefits of utilizing
    Application Programming Interfaces (APIs) in the
    network? (Choose two)
  • Increased efficiency in network management
    through the use of automation.
  • Better integration with third party applications.
  • Eliminates the need for native management tools.
  • APIs are required for most BYOD deployments.
  • Answer A, B
  • QUESTION NO 15
  • How does Cisco Stealthwatch Enterprise receive
    telemetry data from endpoints?
  • Firewall and Router logs
  • syslog messages
  • flow data, including NetFlow, IPFIX, and sFlow
  • IPS/IDS sensor logs and data
  • Answer C
  • QUESTION NO 16
  • A disgruntled employee has just left the company.
    Which of the following deployments is best
    suited to secure the data within that employees
    BYOD device?
  • Mobile Device Management (MDM)
  • Cisco DNA Center
  • Cisco Umbrella
  • Integrated APIs for BYOD devise.
  • Answer A

QUESTION NO 17 How does Cisco Stealthwatch Cloud
receive telemetry data from endpoints? (Select
two)
6
  • flow data, including NetFlow, IPFIX, and sFlow
  • VPC flow data from Amazaon We Services (AWS)
  • IPS/IDS sensor logs and data
  • Flow data from Microsoft Azure
  • syslog data
  • Answer B, D
  • QUESTION NO 18
  • What are two valid reasons for implementing
    retrospective security in a network? (Select two)
  • Find malware that was previously unidentified
  • updating firewall rules to deny traffic that was
    allowed
  • Updating IPS/IDS signatures
  • Tracing the path that a file took over a period
    of time
  • Answer A, D
  • QUESTION NO 19
  • How does the Cisco Umbrella product offering
    determine the policy that should be applied for
    inbound DNS requests?
  • Customers are assigned DNS resolvers individually
    to use for all DNS requests
  • Cisco Umbrella users select the policy to use in
    the Umbrella client application.
  • Cisco Umbrella users select the policy to use
    from the GUI based dashboard.
  • Cisco Umbrella determines the policy based on the
    source IP address of the DNS request.
  • Answer D
  • QUESTION NO 20
  • Which of the following application layer
    preprocessor on the Cisco Firepower platform is
    responsible for decoding and normalizing
    web-based requests sent using HTTP and the
    associated responses received from web servers?
  • DNS Preprocessor
  • HTTP Inspect Preprocessor
  • Web Preprocessor
  • SSL Preprocessor
  • Answer B
Write a Comment
User Comments (0)
About PowerShow.com