Best October Special Limited Time 50% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4s50disc

350-701 PDF

$51.25

$102.5

3 Months Free Update

  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

350-701 PDF + Testing Engine

$70

$139.99

3 Months Free Update

  • Exam Name: Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Last Update: Oct 20, 2021
  • Questions and Answers: 359
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

350-701 Engine

$57.5

$114.99

3 Months Free Update

  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

350-701 Implementing and Operating Cisco Security Core Technologies (SCOR) Questions and Answers

Question # 4

Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Full Access
Question # 5

Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)

A.

Port

B.

Rule

C.

Source

D.

Application

E.

Protocol

Full Access
Question # 6

A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destination. The network administrator checks the interface status of all interfaces, and there is no err-disabled interface. What is causing this problem?

A.

DHCP snooping has not been enabled on all VLANs.

B.

The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users.

C.

Dynamic ARP Inspection has not been enabled on all VLANs

D.

The no ip arp inspection trust command is applied on all user host interfaces

Full Access
Question # 7

An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK

and sequence. Which protocol accomplishes this goal?

A.

AES-192

B.

IKEv1

C.

AES-256

D.

ESP

Full Access
Question # 8

A customer has various external HTTP resources available including Intranet. Extranet, and Internet, with a proxy configuration running in explicit mode Which method allows the client desktop browsers to be configured to select when to connect direct or when to use the proxy?

A.

Transparent mode

B.

Forward file

C.

PAC file

D.

Bridge mode

Full Access
Question # 9

Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?

A.

consumption

B.

sharing

C.

analysis

D.

authoring

Full Access
Question # 10

An organization recently installed a Cisco WSA and would like to take advantage of the AVC engine to allow the organization to create a policy to control application specific activity. After enabling the AVC engine, what must be done to implement this?

A.

Use security services to configure the traffic monitor, .

B.

Use URL categorization to prevent the application traffic.

C.

Use an access policy group to configure application control settings.

D.

Use web security reporting to validate engine functionality

Full Access
Question # 11

In which cloud services model is the tenant responsible for virtual machine OS patching?

A.

IaaS

B.

UCaaS

C.

PaaS

D.

SaaS

Full Access
Question # 12

How does DNS Tunneling exfiltrate data?

A.

An attacker registers a domain that a client connects to based on DNS records and sends malware through

that connection.

B.

An attacker opens a reverse DNS shell to get into the client’s system and install malware on it.

C.

An attacker uses a non-standard DNS port to gain access to the organization’s DNS servers in order to

poison the resolutions.

D.

An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious

domain.

Full Access
Question # 13

What is a prerequisite when integrating a Cisco ISE server and an AD domain?

A.

Place the Cisco ISE server and the AD server in the same subnet

B.

Configure a common administrator account

C.

Configure a common DNS server

D.

Synchronize the clocks of the Cisco ISE server and the AD server

Full Access
Question # 14

In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?

A.

man-in-the-middle

B.

cross-site scripting

C.

insecure API

Full Access
Question # 15

When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the

command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command issued for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?

A.

The key server that is managing the keys for the connection will be at 1.2.3.4

B.

The remote connection will only be allowed from 1.2.3.4

C.

The address that will be used as the crypto validation authority

D.

All IP addresses other than 1.2.3.4 will be allowed

Full Access
Question # 16

What is a difference between FlexVPN and DMVPN?

A.

DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1

B.

DMVPN uses only IKEv1 FlexVPN uses only IKEv2

C.

FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2

D.

FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2

Full Access
Question # 17

Which Dos attack uses fragmented packets to crash a target machine?

A.

smurf

B.

MITM

C.

teardrop

D.

LAND

Full Access
Question # 18

An organization is using Cisco Firepower and Cisco Meraki MX for network security and needs to centrally

manage cloud policies across these platforms. Which software should be used to accomplish this goal?

A.

Cisco Defense Orchestrator

B.

Cisco Secureworks

C.

Cisco DNA Center

D.

Cisco Configuration Professional

Full Access
Question # 19

Which method is used to deploy certificates and configure the supplicant on mobile devices to gain access to

network resources?

A.

BYOD on boarding

B.

Simple Certificate Enrollment Protocol

C.

Client provisioning

D.

MAC authentication bypass

Full Access
Question # 20

Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)

A.

put

B.

options

C.

get

D.

push

E.

connect

Full Access
Question # 21

Refer to the exhibit.

A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output?

A.

hashing algorithm mismatch

B.

encryption algorithm mismatch

C.

authentication key mismatch

D.

interesting traffic was not applied

Full Access
Question # 22

Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?

A.

RSA SecureID

B.

Internal Database

C.

Active Directory

D.

LDAP

Full Access
Question # 23

Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware?

(Choose two)

A.

Sophos engine

B.

white list

C.

RAT

D.

outbreak filters

E.

DLP

Full Access
Question # 24

A Cisco AMP for Endpoints administrator configures a custom detection policy to add specific MD5 signatures The configuration is created in the simple detection policy section, but it does not work What is the reason for this failure?

A.

The administrator must upload the file instead of the hash for Cisco AMP to use.

B.

The MD5 hash uploaded to the simple detection policy is in the incorrect format

C.

The APK must be uploaded for the application that the detection is intended

D.

Detections for MD5 signatures must be configured in the advanced custom detection policies

Full Access
Question # 25

Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?

A.

AMP

B.

AnyConnect

C.

DynDNS

D.

Talos

Full Access
Question # 26

An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which

probe must be enabled for this type of profiling to work?

A.

NetFlow

B.

NMAP

C.

SNMP

D.

DHCP

Full Access
Question # 27

What is a functional difference between a Cisco ASA and a Cisco IOS router with Zone-based policy firewall?

A.

The Cisco ASA denies all traffic by default whereas the Cisco IOS router with Zone-Based Policy Firewall starts out by allowing all traffic, even on untrusted interfaces

B.

The Cisco IOS router with Zone-Based Policy Firewall can be configured for high availability, whereas the Cisco ASA cannot

C.

The Cisco IOS router with Zone-Based Policy Firewall denies all traffic by default, whereas the Cisco ASA starts out by allowing all traffic until rules are added

D.

The Cisco ASA can be configured for high availability whereas the Cisco IOS router with Zone-Based Policy Firewall cannot

Full Access
Question # 28

Which Cisco Advanced Malware protection for Endpoints deployment architecture is designed to keep data

within a network perimeter?

A.

cloud web services

B.

network AMP

C.

private cloud

D.

public cloud

Full Access
Question # 29

Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two)

A.

DDoS

B.

antispam

C.

antivirus

D.

encryption

E.

DLP

Full Access
Question # 30

How is ICMP used an exfiltration technique?

A.

by flooding the destination host with unreachable packets

B.

by sending large numbers of ICMP packets with a targeted hosts source IP address using an IP broadcast address

C.

by encrypting the payload in an ICMP packet to carry out command and control tasks on a compromised host

D.

by overwhelming a targeted host with ICMP echo-request packets

Full Access
Question # 31

Which threat involves software being used to gain unauthorized access to a computer system?

A.

virus

B.

NTP amplification

C.

ping of death

D.

HTTP flood

Full Access
Question # 32

An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization

needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of

172.19.20.24. Which command on the hub will allow the administrator to accomplish this?

A.

crypto ca identity 172.19.20.24

B.

crypto isakmp key Cisco0123456789 172.19.20.24

C.

crypto enrollment peer address 172.19.20.24

D.

crypto isakmp identity address 172.19.20.24

Full Access
Question # 33

The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?

A.

SDN controller and the cloud

B.

management console and the SDN controller

C.

management console and the cloud

D.

SDN controller and the management solution

Full Access
Question # 34

Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)

A.

Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS

B.

Cisco FTDv with one management interface and two traffic interfaces configured

C.

Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises

D.

Cisco FTDv with two management interfaces and one traffic interface configured

E.

Cisco FTDv configured in routed mode and IPv6 configured

Full Access
Question # 35

Which two descriptions of AES encryption are true? (Choose two)

A.

AES is less secure than 3DES.

B.

AES is more secure than 3DES.

C.

AES can use a 168-bit key for encryption.

D.

AES can use a 256-bit key for encryption.

E.

AES encrypts and decrypts a key three times in sequence.

Full Access
Question # 36

An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?

A.

sniffing the packets between the two hosts

B.

sending continuous pings

C.

overflowing the buffer’s memory

D.

inserting malicious commands into the database

Full Access
Question # 37

An engineer has been tasked with implementing a solution that can be leveraged for securing the cloud users,

data, and applications. There is a requirement to use the Cisco cloud native CASB and cloud cybersecurity

platform. What should be used to meet these requirements?

A.

Cisco Umbrella

B.

Cisco Cloud Email Security

C.

Cisco NGFW

D.

Cisco Cloudlock

Full Access
Question # 38

An engineer integrates Cisco FMC and Cisco ISE using pxGrid Which role is assigned for Cisco FMC?

A.

client

B.

server

C.

controller

D.

publisher

Full Access
Question # 39

Refer to the exhibit.

How does Cisco Umbrella manage traffic that is directed toward risky domains?

A.

Traffic is proximed through the intelligent proxy.

B.

Traffic is managed by the security settings and blocked.

C.

Traffic is managed by the application settings, unhandled and allowed.

D.

Traffic is allowed but logged.

Full Access
Question # 40

Which technology must be used to implement secure VPN connectivity among company branches over a

private IP cloud with any-to-any scalable connectivity?

A.

DMVPN

B.

FlexVPN

C.

IPsec DVTI

D.

GET VPN

Full Access
Question # 41

Refer to the exhibit.

Refer to the exhibit. A Cisco ISE administrator adds a new switch to an 802.1X deployment and has difficulty with some endpoints gaining access.

Most PCs and IP phones can connect and authenticate using their machine certificate credentials. However printer and video cameras cannot base d on the interface configuration provided, what must be to get these devices on to the network using Cisco ISE for authentication and authorization while maintaining security controls?

A.

Change the default policy in Cisco ISE to allow all devices not using machine authentication .

B.

Enable insecure protocols within Cisco ISE in the allowed protocols configuration.

C.

Configure authentication event fail retry 2 action authorize vlan 41 on the interface

D.

Add mab to the interface configuration.

Full Access
Question # 42

How is DNS tunneling used to exfiltrate data out of a corporate network?

A.

It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks.

B.

It encodes the payload with random characters that are broken into short strings and the DNS server

rebuilds the exfiltrated data.

C.

It redirects DNS requests to a malicious server used to steal user credentials, which allows further damage

and theft on the network.

D.

It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers.

Full Access
Question # 43

What is a language format designed to exchange threat intelligence that can be transported over the TAXII

protocol?

A.

STIX

B.

XMPP

C.

pxGrid

D.

SMTP

Full Access
Question # 44

What is the difference between deceptive phishing and spear phishing?

A.

Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.

B.

A spear phishing campaign is aimed at a specific person versus a group of people.

C.

Spear phishing is when the attack is aimed at the C-level executives of an organization.

D.

Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.

Full Access
Question # 45

Refer to the exhibit. What does this Python script accomplish?

A.

It allows authentication with TLSv1 SSL protocol

B.

It authenticates to a Cisco ISE with an SSH connection.

C.

lt authenticates to a Cisco ISE server using the username of ersad

Full Access
Question # 46

A network engineer is trying to figure out whether FlexVPN or DMVPN would fit better in their environment.

They have a requirement for more stringent security multiple security associations for the connections, more efficient VPN establishment as well consuming less bandwidth. Which solution would be best for this and why?

A.

DMVPN because it supports IKEv2 and FlexVPN does not

B.

FlexVPN because it supports IKEv2 and DMVPN does not

C.

FlexVPN because it uses multiple SAs and DMVPN does not

D.

DMVPN because it uses multiple SAs and FlexVPN does not

Full Access
Question # 47

An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into network devices. Which action accomplishes this task?

A.

Configure Cisco DUO with the external Active Directory connector and tie it to the policy set within Cisco ISE.

B.

Install and configure the Cisco DUO Authentication Proxy and configure the identity source sequence within Cisco ISE

C.

Create an identity policy within Cisco ISE to send all authentication requests to Cisco DUO.

D.

Modify the current policy with the condition MFASourceSequence DUO=true in the authorization conditions within Cisco ISE

Full Access
Question # 48

For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (Choose two)

A.

SDP

B.

LDAP

C.

subordinate CA

D.

SCP

E.

HTTP

Full Access
Question # 49

What is a benefit of using telemetry over SNMP to configure new routers for monitoring purposes?

A.

Telemetry uses a pull mehod, which makes it more reliable than SNMP

B.

Telemetry uses push and pull, which makes it more scalable than SNMP

C.

Telemetry uses push and pull which makes it more secure than SNMP

D.

Telemetry uses a push method which makes it faster than SNMP

Full Access
Question # 50

An organization wants to secure data in a cloud environment. Its security model requires that all users be

authenticated and authorized. Security configuration and posture must be continuously validated before access is granted or maintained to applications and data. There is also a need to allow certain application traffic and deny all other traffic by default. Which technology must be used to implement these requirements?

A.

Virtual routing and forwarding

B.

Microsegmentation

C.

Access control policy

D.

Virtual LAN

Full Access
Question # 51

What is the role of an endpoint in protecting a user from a phishing attack?

A.

Use Cisco Stealthwatch and Cisco ISE Integration.

B.

Utilize 802.1X network security to ensure unauthorized access to resources.

C.

Use machine learning models to help identify anomalies and determine expected sending behavior.

D.

Ensure that antivirus and anti malware software is up to date

Full Access
Question # 52

An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

A.

Set a trusted interface for the DHCP server

B.

Set the DHCP snooping bit to 1

C.

Add entries in the DHCP snooping database

D.

Enable ARP inspection for the required VLAN

Full Access
Question # 53

Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps.

Which two actions must be taken to ensure that interfaces are put back into service? (Choose two)

A.

Have Cisco Prime Infrastructure issue an SNMP set command to re-enable the ports after the pre

configured interval.

B.

Use EEM to have the ports return to service automatically in less than 300 seconds.

C.

Enter the shutdown and no shutdown commands on the interfaces.

D.

Enable the snmp-server enable traps command and wait 300 seconds

E.

Ensure that interfaces are configured with the error-disable detection and recovery feature

Full Access