DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Master the Cisco 350-701 SCOR Exam with Realistic Practice Tests

SPOTO Cisco 350-701 SCOR Practice Tests are a comprehensive study guide designed to prepare you for the Cisco certification in Implementing and Operating Cisco Security Core Technologies. This exam assesses your knowledge and skills in implementing and operating core security technologies, including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility, and enforcement. Utilize the study materials, exam resources, and mock exams provided in this guide to enhance your understanding of security core technologies. The exam questions and answers are carefully crafted to mirror the complexity and format of the actual test, allowing you to practice effectively and improve your exam readiness. Successfully passing the Cisco 350-701 SCOR exam validates your expertise in security core technologies and demonstrates your capability to secure modern network infrastructures. With dedicated exam preparation and strategic use of study materials, you'll be well-prepared to tackle test questions and achieve your Cisco certification goals. Start your journey to success today with this comprehensive exam preparation guide.
Take other online exams

Question #1
What is an attribute of the DevSecOps process?
A. ridge Protocol Data Unit guard
B. mbedded event monitoring
C. torm control
D. ccess control lists
View answer
Correct Answer: C

View The Updated 350-701 Exam Questions

SPOTO Provides 100% Real 350-701 Exam Questions for You to Pass Your 350-701 Exam!

Question #2
A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance.Which ASA deployment mode meets these needs?
A. SA with Firepower module cannot be deployed
B. t cannot take actions such as blocking traffic
C. t is out-of-band from traffic
D. t must have inline interface pairs configured
View answer
Correct Answer: C
Question #3
What is the purpose of the My Devices Portal in a Cisco ISE environment?
A. o register new laptops and mobile devices
B. o request a newly provisioned mobile device
C. o provision userless and agentless systems
D. o manage and deploy antivirus definitions and patches on systems owned by the end user
View answer
Correct Answer: A
Question #4
An organization is using Cisco Firepower and Cisco Meraki MX for network security and needs to centrally manage cloud policies across these platforms.Which software should be used to accomplish this goal?
A. isco Defense Orchestrator
B. isco Secureworks
C. isco DNA Center
D. isco Configuration Professional
View answer
Correct Answer: A
Question #5
An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a connection being established. The solution must be able to block certain applications from being used within the network.Which product should be used to accomplish this goal?
A. isco Firepower
B. isco Umbrella
C. SE
D. MP
View answer
Correct Answer: B
Question #6
A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict.What is causing this issue?
A. he policy was created to send a message to quarantine instead of drop
B. he file has a reputation score that is above the threshold
C. he file has a reputation score that is below the threshold
D. he policy was created to disable file analysis
View answer
Correct Answer: D
Question #7
An engineer has been tasked with configuring a Cisco FTD to analyze protocol fields and detect anomalies in the traffic from industrial systems.What must be done to meet these requirements?
A. mplement pre-filter policies for the CIP preprocessor
B. nable traffic analysis in the Cisco FTD
C. onfigure intrusion rules for the DNP3 preprocessor
D. odify the access control policy to trust the industrial traffic
View answer
Correct Answer: C
Question #8
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
A. nable IP Layer enforcement
B. ctivate the Advanced Malware Protection license
C. ctivate SSL decryption
D. nable Intelligent Proxy
View answer
Correct Answer: D
Question #9
Which cloud service model offers an environment for cloud consumers to develop and deploy applications without needing to manage or maintain the underlying cloud infrastructure?
A. aaS
B. aaS
C. aaS
D. aaS
View answer
Correct Answer: A
Question #10
Which exfiltration method does an attacker use to hide and encode data inside DNS requests and queries?
A. NS tunneling
B. NSCrypt
C. NS security
D. NSSEC
View answer
Correct Answer: A
Question #11
What is a capability of Cisco ASA Netflow?
A. t filters NSEL events based on traffic
B. t generates NSEL events even if the MPF is not configured
C. t logs all event types only to the same collector
D. t sends NetFlow data records from active and standby ASAs in an active standby failover pair
View answer
Correct Answer: A
Question #12
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?
A. oogle Cloud Platform
B. ed Hat Enterprise Visualization
C. Mware ESXi
D. mazon Web Services
View answer
Correct Answer: D
Question #13
What is the function of SDN southbound API protocols?
A. o allow for the dynamic configuration of control plane applications
B. o enable the controller to make changes
C. o enable the controller to use REST
D. o allow for the static configuration of control plane applications
View answer
Correct Answer: B
Question #14
Which Cisco platform ensures that machines that connect to organizational networks have the recommended antivirus definitions and patches to help prevent an organizational malware outbreak?
A. n attacker registers a domain that a client connects to based on DNS records and sends malware through that connection
B. n attacker opens a reverse DNS shell to get into the client's system and install malware on it
C. n attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions
D. n attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain
View answer
Correct Answer: C
Question #15
What is the benefit of integrating Cisco ISE with a MDM solution?
A. t provides compliance checks for access to the network
B. t provides the ability to update other applications on the mobile device
C. t provides the ability to add applications to the mobile device through Cisco ISE
D. t provides network device administration access
View answer
Correct Answer: A
Question #16
What is a functional difference between a Cisco ASA and a Cisco IOS router with Zone-based policy firewall?
A. he Cisco ASA denies all traffic by default whereas the Cisco IOS router with Zone-Based Policy Firewall starts out by allowing all traffic, even on untrusted interfaces
B. he Cisco IOS router with Zone-Based Policy Firewall can be configured for high availability, whereas the Cisco ASA cannot
C. he Cisco IOS router with Zone-Based Policy Firewall denies all traffic by default, whereas the Cisco ASA starts out by allowing all traffic until rules are added
D. he Cisco ASA can be configured for high availability whereas the Cisco IOS router with Zone- Based Policy Firewall cannot
View answer
Correct Answer: A
Question #17
What is the purpose of the certificate signing request when adding a new certificate for a server?
A. t is the password for the certificate that is needed to install it with
B. t provides the server information so a certificate can be created and signed
C. t provides the certificate client information so the server can authenticate against it when installing
D. t is the certificate that will be loaded onto the server
View answer
Correct Answer: B
Question #18
A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis.What must be done to meet this requirement using the Ubuntu-based VM appliance deployed in a VMware-based hypervisor?
A. onfigure a Cisco FMC to send syslogs to Cisco Stealthwatch Cloud
B. eploy the Cisco Stealthwatch Cloud PNM sensor that sends data to Cisco Stealthwatch Cloud
C. eploy a Cisco FTD sensor to send network events to Cisco Stealthwatch Cloud
D. onfigure a Cisco FMC to send NetFlow to Cisco Stealthwatch Cloud
View answer
Correct Answer: B
Question #19
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)
A. ertificate Trust List
B. ndpoint Trust List
C. nterprise Proxy Service
D. ecured Collaboration Proxy
View answer
Correct Answer: CD
Question #20
What is the benefit of installing Cisco AMP for Endpoints on a network?
A. t provides operating system patches on the endpoints for security
B. t provides flow-based visibility for the endpoints network connections
C. t enables behavioral analysis to be used for the endpoints
D. t protects endpoint systems through application control and real-time scanning
View answer
Correct Answer: D
Question #21
In which two ways does a system administrator send web traffic transparently to the Web Security Appliance?(Choose two)
A. isco SDA
B. isco Firepower
C. isco HyperFlex
D. isco Cloudlock
View answer
Correct Answer: BE
Question #22
Which network monitoring solution uses streams and pushes operational data to provide a near real- time view of activity?
A. NMP
B. MTP
C. yslog
D. odel-driven telemetry
View answer
Correct Answer: D
Question #23
08. In a PaaS model, which layer is the tenant responsible for maintaining and patching?
A. ypervi
B. irtualmachine
C. etwork
D. pplicati
View answer
Correct Answer: D
Question #24
Refer to the exhibit.Refer to the exhibit. A Cisco ISE administrator adds a new switch to an 802.1X deployment and has difficulty with some endpoints gaining access.Most PCs and IP phones can connect and authenticate using their machine certificate credentials. However printer and video cameras cannot base d on the interface configuration provided, what must be to get these devices on to the network using Cisco ISE for authentication and authorization while maintaining security controls?
A. hange the default policy in Cisco ISE to allow all devices not using machine authentication
B. nable insecure protocols within Cisco ISE in the allowed protocols configuration
C. onfigure authentication event fail retry 2 action authorize vlan 41 on the interface
D. dd mab to the interface configuration
View answer
Correct Answer: D
Question #25
A network administrator is configuring SNMPv3 on a new router. The users have already been created;however, an additional configuration is needed to facilitate access to the SNMP views.What must the administrator do to accomplish this?
A. ap SNMPv3 users to SNMP views
B. et the password to be used for SNMPv3 authentication
C. efine the encryption algorithm to be used by SNMPv3
D. pecify the UDP port used by SNMP
View answer
Correct Answer: B
Question #26
Which attack type attempts to shut down a machine or network so that users are not able to access it?
A. MVPN supports tunnel encryption, whereas sVTI does not
B. MVPN supports dynamic tunnel establishment, whereas sVTI does not
C. MVPN supports static tunnel establishment, whereas sVTI does not
D. MVPN provides interoperability with other vendors, whereas sVTI does not
View answer
Correct Answer: A
Question #27
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group.Which probe must be enabled for this type of profiling to work?
A. etFlow
B. MAP
C. NMP
D. HCP
View answer
Correct Answer: B
Question #28
An engineer needs a cloud solution that will monitor traffic, create incidents based on events, and integrate with other cloud solutions via an API.Which solution should be used to accomplish this goal?
A. IEM
B. ASB
C. daptive MFA
D. isco Cloudlock
View answer
Correct Answer: D
Question #29
What is the primary benefit of deploying an ESA in hybrid mode?
A. ou can fine-tune its settings to provide the optimum balance between security and performance for your environment
B. t provides the lowest total cost of ownership by reducing the need for physical appliances
C. t provides maximum protection and control of outbound messages
D. t provides email security while supporting the transition to the cloud
View answer
Correct Answer: D
Question #30
How is DNS tunneling used to exfiltrate data out of a corporate network?
A. t corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks
B. t encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data
C. t redirects DNS requests to a malicious server used to steal user credentials, which allows further damage and theft on the network
D. t leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers
View answer
Correct Answer: B
Question #31
Which information is required when adding a device to Firepower Management Center?
A. sername and password
B. ncryption method
C. evice serial number
D. egistration key
View answer
Correct Answer: D
Question #32
Which category includes DoS Attacks?
A. irus attacks
B. rojan attacks
C. lood attacks
D. hishing attacks
View answer
Correct Answer: C
Question #33
When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPNconfiguration as opposed to DMVPN?
A. ultiple routers or VRFs are required
B. raffic is distributed statically by default
C. loating static routes are required
D. SRP is used for faliover
View answer
Correct Answer: B
Question #34
DRAG DROP (Drag and Drop is not supported)Drag and drop the descriptions from the left onto the correct protocol versions on the right.
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #35
An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?
A. et a trusted interface for the DHCP server
B. et the DHCP snooping bit to 1
C. dd entries in the DHCP snooping database
D. nable ARP inspection for the required VLAN
View answer
Correct Answer: A
Question #36
What is the function of the Context Directory Agent?
A. aintains users' group memberships
B. elays user authentication requests from Web Security Appliance to Active Directory
C. eads the Active Directory logs to map IP addresses to usernames D
View answer
Correct Answer: C
Question #37
What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?
A. threat intelligence
B. Indicators of Compromise
C. trusted automated exchange
D. The Exploit Database
View answer
Correct Answer: A
Question #38
Which two probes are configured to gather attributes of connected endpoints using Cisco Identity ServicesEngine? (Choose two)
A. SA SecureID
B. nternal Database
C. ctive Directory
D. DAP
View answer
Correct Answer: AC
Question #39
What is a function of 3DES in reference to cryptography?
A. t hashes files
B. t creates one-time use passwords
C. t encrypts traffic
D. t generates private keys
View answer
Correct Answer: C
Question #40
What is provided by the Secure Hash Algorithm in a VPN?
A. ntegrity
B. ey exchange
C. ncryption
D. uthentication
View answer
Correct Answer: A
Question #41
An administrator configures new authorization policies within Cisco ISE and has difficulty profiling the devices. Attributes for the new Cisco IP phones that are profiled based on the RADIUS authentication are seen however the attributes for CDP or DHCP are not.What should the administrator do to address this issue?
A. onfigure the ip dhcp snooping trust command on the DHCP interfaces to get the information to Cisco ISE
B. onfigure the authentication port-control auto feature within Cisco ISE to identify the devices that are trying to connect
C. onfigure a service template within the switch to standardize the port configurations so that the correct information is sent to Cisco ISE
D. onfigure the device sensor feature within the switch to send the appropriate protocol information
View answer
Correct Answer: D
Question #42
What is managed by Cisco Security Manager?
A. ccess point
B. SA
C. SA
D. SA
View answer
Correct Answer: C
Question #43
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. ser input validation in a web page or web application
B. inux and Windows operating systems
C. atabase
D. eb page images
View answer
Correct Answer: A
Question #44
An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed through the Cisco Umbrella network.Which action tests the routing?
A. ile Analysis
B. afeSearch
C. SL Decryption
D. estination Lists
View answer
Correct Answer: B
Question #45
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
A. MP calculates the SHA-256 fingerprint, caches it, and periodically attempts the upload
B. he file is queued for upload when connectivity is restored
C. he file upload is abandoned
D. he ESA immediately makes another attempt to upload the file
View answer
Correct Answer: C
Question #46
An engineer needs a solution for TACACS+ authentication and authorization for device administration.The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth.Which product meets all of these requirements?
A. isco Prime Infrastructure
B. isco Identity Services Engine
C. isco Stealthwatch
D. isco AMP for Endpoints
View answer
Correct Answer: B
Question #47
An organization configures Cisco Umbrella to be used for its DNS services. The organization must be able to block traffic based on the subnet that the endpoint is on but it sees only the requests from its public IP address instead of each internal IP address.What must be done to resolve this issue?
A. et up a Cisco Umbrella virtual appliance to internally field the requests and see the traffic of each IP address
B. se the tenant control features to identify each subnet being used and track the connections within theCisco Umbrella dashboard
C. nstall the Microsoft Active Directory Connector to give IP address information stitched to the requests in the Cisco Umbrella dashboard
D. onfigure an internal domain within Cisco Umbrella to help identify each address and create policy from the domains
View answer
Correct Answer: A
Question #48
A company discovered an attack propagating through their network via a file. A custom file policy was created in order to track this in the future and ensure no other endpoints execute the infected file. In addition, it was discovered during testing that the scans are not detecting the file as an indicator of compromise.What must be done in order to ensure that the created is functioning as it should?
A. reate an IP block list for the website from which the file was downloaded
B. lock the application that the file was using to open
C. pload the hash for the file into the policy
D. end the file to Cisco Threat Grid for dynamic analysis
View answer
Correct Answer: C
Question #49
An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being accessed via the firewall which requires that the administrator input the bad URL categories that the organization wants blocked into the access policy.Which solution should be used to meet this requirement?
A. isco ASA because it enables URL filtering and blocks malicious URLs by default, whereas Cisco FTDdoes not
B. isco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not
C. isco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not
D. isco FTD because it enables URL filtering and blocks malicious URLs by default, whereas Cisco ASA does not
View answer
Correct Answer: C
Question #50
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats,which allows the SOC to proactively automate responses to those threats?
A. isco Umbrella
B. xternal Threat Feeds
C. isco Threat Grid
D. isco Stealthwatch
View answer
Correct Answer: C
Question #51
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion PreventionSystem?
A. orrelation
B. ntrusion
C. ccess Control
D. etwork Discovery
View answer
Correct Answer: D
Question #52
Which feature of Cisco ASA allows VPN users to be postured against Cisco ISE without requiring an inline posture node?
A. ADIUS Change of Authorization
B. evice tracking
C. HCP snooping
D. LAN hopping
View answer
Correct Answer: A
Question #53
Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.)
A. ut
B. ptions
C. et
D. ush
E. onnect
View answer
Correct Answer: AC
Question #54
What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?
A. ultiple NetFlow collectors are supported
B. dvanced NetFlow v9 templates and legacy v5 formatting are supported
C. ecure NetFlow connections are optimized for Cisco Prime Infrastructure
D. low-create events are delayed
View answer
Correct Answer: B
Question #55
An organization is selecting a cloud architecture and does not want to be responsible for patch management of the operating systems.Why should the organization select either Platform as a Service or Infrastructure as a Service for this environment?
A. latform as a Service because the customer manages the operating system
B. nfrastructure as a Service because the customer manages the operating system
C. latform as a Service because the service provider manages the operating system
D. nfrastructure as a Service because the service provider manages the operating system
View answer
Correct Answer: C
Question #56
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?
A. onfigure security appliances to send syslogs to Cisco Stealthwatch Cloud
B. onfigure security appliances to send NetFlow to Cisco Stealthwatch Cloud
C. eploy a Cisco FTD sensor to send events to Cisco Stealthwatch Cloud
D. eploy a Cisco Stealthwatch Cloud sensor on the network to send data to Cisco Stealthwatch Cloud
View answer
Correct Answer: D
Question #57
Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based?(Choose two)
A. isco WiSM
B. isco ESA
C. isco ISE
D. isco Prime Infrastructure
View answer
Correct Answer: AC
Question #58
What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?
A. isco CWS eliminates the need to backhaul traffic through headquarters for remote workers whereas Cisco WSA does not
B. isco CWS minimizes the load on the internal network and security infrastructure as compared to Cisco WSA
C. RL categories are updated more frequently on Cisco CWS than they are on Cisco WSA
D. ontent scanning for SAAS cloud applications is available through Cisco CWS and not available through Cisco WSA
View answer
Correct Answer: A
Question #59
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?
A. DN controller and the cloud
B. anagement console and the SDN controller
C. anagement console and the cloud
D. DN controller and the management solution
View answer
Correct Answer: D
Question #60
A Cisco AMP for Endpoints administrator configures a custom detection policy to add specific MD5 signatures The configuration is created in the simple detection policy section, but it does not work What is the reason for this failure?
A. he administrator must upload the file instead of the hash for Cisco AMP to use
B. he MD5 hash uploaded to the simple detection policy is in the incorrect format
C. he APK must be uploaded for the application that the detection is intended
D. etections for MD5 signatures must be configured in the advanced custom detection policies
View answer
Correct Answer: D
Question #61
Which statement about IOS zone-based firewalls is true?
A. n unassigned interface can communicate with assigned interfaces
B. nly one interface can be assigned to a zone
C. n interface can be assigned to multiple zones
D. n interface can be assigned only to one zone
View answer
Correct Answer: D
Question #62
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic.Where must theASA be added on the Cisco UC Manager platform?
A. o view bandwidth usage for NetFlow records, the QoS feature must be enabled
B. sysopt command can be used to enable NSEL on a specific interface
C. SEL can be used without a collector configured
D. flow-export event type must be defined under a policy
View answer
Correct Answer: A
Question #63
10. What are two list types within AMP for Endpoints Outbreak Control?
A. lockedp
B. implecustomdetecti
C. ommandandcontrol
D. llowedapplicati
View answer
Correct Answer: BD
Question #64
DRAG DROP (Drag and Drop is not supported)Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #65
Refer to the exhibit.An engineer is implementing a certificate based VPN.What is the result of the existing configuration?
A. he OU of the IKEv2 peer certificate is used as the identity when matching an IKEv2 authorization policy
B. nly an IKEv2 peer that has an OU certificate attribute set to MANGLER establishes an IKEv2 SA successfully
C. he OU of the IKEv2 peer certificate is encrypted when the OU is set to MANGLER
D. he OU of the IKEv2 peer certificate is set to MANGLER
View answer
Correct Answer: A
Question #66
An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into network devices.Which action accomplishes this task?
A. onfigure Cisco DUO with the external Active Directory connector and tie it to the policy set within Cisco ISE
B. nstall and configure the Cisco DUO Authentication Proxy and configure the identity source sequence within Cisco ISE
C. reate an identity policy within Cisco ISE to send all authentication requests to Cisco DUO
D. odify the current policy with the condition MFASourceSequence DUO=true in the authorization conditions within Cisco ISE
View answer
Correct Answer: B
Question #67
An engineer is configuring their router to send NetfFow data to Stealthwatch which has an IP address of 1 1 11 using the flow record Stea!thwatch406397954 command Which additional command is required to complete the flow record?
A. ransport udp 2055
B. atch ipv4 ttl
C. ache timeout active 60
D. estination 1
View answer
Correct Answer: B
Question #68
What is a benefit of performing device compliance?
A. erification of the latest OS patches
B. evice classification and authorization
C. roviding multi-factor authentication
D. roviding attribute-driven policies
View answer
Correct Answer: A
Question #69
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
A. murf
B. istributed denial of service
C. ross-site scripting
D. ootkit exploit
View answer
Correct Answer: C
Question #70
What is the role of Cisco Umbrella Roaming when it is installed on an endpoint?
A. o protect the endpoint against malicious file transfers
B. o ensure that assets are secure from malicious links on and off the corporate network
C. o establish secure VPN connectivity to the corporate network
D. o enforce posture compliance and mandatory software
View answer
Correct Answer: B
Question #71
A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability.What is the connection status in both cases?
A. eed to be reestablished with stateful failover and preserved with stateless failover
B. reserved with stateful failover and need to be reestablished with stateless failover
C. reserved with both stateful and stateless failover
D. eed to be reestablished with both stateful and stateless failover
View answer
Correct Answer: B
Question #72
Which attack is preventable by Cisco ESA but not by the Cisco WSA?
A. uffer overflow
B. oS
C. QL injection
D. hishing
View answer
Correct Answer: D
Question #73
When web policies are configured in Cisco Umbrella, what provides the ability to ensure that domains are blocked when they host malware, command and control, phishing, and more threats?
A. pplication Control
B. ecurity Category Blocking
C. ontent Category Blocking
D. ile Analysis
View answer
Correct Answer: B
Question #74
How many interfaces per bridge group does an ASA bridge group deployment support?
A. p to 2
B. p to 4
C. p to 8
D. p to 16
View answer
Correct Answer: B
Question #75
An administrator configures a Cisco WSA to receive redirected traffic over ports 80 and 443. The organization requires that a network device with specific WSA integration capabilities be configured to send the traffic to the WSA to proxy the requests and increase visibility, while making this invisible to the users.What must be done on the Cisco WSA to support these requirements?
A. onfigure transparent traffic redirection using WCCP in the Cisco WSA and on the network device
B. onfigure active traffic redirection using WPAD in the Cisco WSA and on the network device
C. se the Layer 4 setting in the Cisco WSA to receive explicit forward requests from the network device
D. se PAC keys to allow only the required network devices to send the traffic to the Cisco WSA
View answer
Correct Answer: A
Question #76
A company is experiencing exfiltration of credit card numbers that are not being stored on-premise.The company needs to be able to protect sensitive data throughout the full environment.Which tool should be used to accomplish this goal?
A. ecurity Manager
B. loudlock
C. eb Security Appliance
D. isco ISE
View answer
Correct Answer: B
Question #77
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?
A. revalence
B. ile analysis
C. etections
D. ulnerable software
E. hreat root cause
View answer
Correct Answer: A
Question #78
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used?
A. ommon Security Exploits
B. ommon Vulnerabilities and Exposures
C. ommon Exploits and Vulnerabilities
D. ommon Vulnerabilities, Exploits and Threats
View answer
Correct Answer: B
Question #79
Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?
A. ncrypted Traffic Analytics
B. hreat Intelligence Director
C. ognitive Threat Analytics
D. isco Talos Intelligence
View answer
Correct Answer: B
Question #80
DRAG DROP (Drag and Drop is not supported)Drag and drop the threats from the left onto examples of that threat on the right
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #81
What is a difference between GETVPN and IPsec?
A. ETVPN reduces latency and provides encryption over MPLS without the use of a central hub
B. ETVPN provides key management and security association management
C. ETVPN is based on IKEv2 and does not support IKEv1
D. ETVPN is used to build a VPN network with multiple sites without having to statically configure all devices
View answer
Correct Answer: C
Question #82
Which type of encryption uses a public key and private key?
A. symmetric
B. ymmetric
C. inear
D. onlinear
View answer
Correct Answer: A
Question #83
Which Cisco Umbrella package supports selective proxy for Inspection of traffic from risky domains?
A. IG Advantage
B. NS Security Essentials
C. IG Essentials
D. NS Security Advantage
View answer
Correct Answer: C
Question #84
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)
A. hey alert administrators when critical events occur
B. hey highlight known and suspected malicious IP addresses in reports
C. hey correlate data about intrusions and vulnerability
D. hey identify data that the ASA sends to the Firepower module
View answer
Correct Answer: AC
Question #85
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
A. ile access from a different user
B. nteresting file access
C. ser login suspicious behavior
D. rivilege escalation
View answer
Correct Answer: C
Question #86
Which two capabilities of Integration APIs are utilized with Cisco DNA Center? (Choose two)
A. ntegration
B. ntent
C. vent
D. ultivendor
View answer
Correct Answer: BC
Question #87
An organization has a Cisco ESA set up with policies and would like to customize the action assigned for violations. The organization wants a copy of the message to be delivered with a message added to flag it as a DLP violation.Which actions must be performed in order to provide this capability?
A. eliver and send copies to other recipients
B. uarantine and send a DLP violation notification
C. uarantine and alter the subject header with a DLP violation
D. eliver and add disclaimer text
View answer
Correct Answer: D
Question #88
What are two advantages of using Cisco AnyConnect over DMVPN? (Choose two.)
A. It provides spoke-to-spoke communications without traversing the hub
B. It enables VPN access for individual users from their machines
C. It allows multiple sites to connect to the data center
D. It allows different routing protocols to work over the tunnel
E. It allows customization of access policies based on user identity
View answer
Correct Answer: BE
Question #89
A user has a device in the network that is receiving too many connection requests from multiple machines.Which type of attack is the device undergoing?
A. hishing
B. lowloris
C. harming
D. YN flood
View answer
Correct Answer: D
Question #90
Refer to the exhibit. What does the API do when connected to a Cisco security appliance?
A. reate an SNMP pull mechanism for managing AMP
B. ather network telemetry information from AMP for endpoints
C. et the process and PID information from the computers in the network
D. ather the network interface information about the computers AMP sees
View answer
Correct Answer: D
Question #91
Refer to the exhibit.Which command was used to display this output?
A. he authentication request contains only a password
B. he authentication request contains only a username
C. he authentication and authorization requests are grouped in a single packet
D. here are separate authentication and authorization request packets
View answer
Correct Answer: A
Question #92
What is the difference between a vulnerability and an exploit?
A. vulnerability is a hypothetical event for an attacker to exploit
B. vulnerability is a weakness that can be exploited by an attacker
C. n exploit is a weakness that can cause a vulnerability in the network D
View answer
Correct Answer: B
Question #93
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen on the network.Which two actions should be selected to allow the traffic to pass without inspection? (Choose two)
A. irror port
B. low
C. etFlow
D. PC flow logs
View answer
Correct Answer: BE
Question #94
A network engineer must configure a Cisco ESA to prompt users to enter two forms of information before gaining access The Cisco ESA must also join a cluster machine using preshared keys What must be configured to meet these requirements?
A. nable two-factor authentication through a RADIUS server and then join the cluster by using the Cisco ESA CLI
B. nable two-factor authentication through a RADIUS server and then join the cluster by using the Cisco ESA GUI
C. nable two-factor authentication through a TACACS+ server and then join the cluster by using the Cisco ESA GUI
D. nable two-factor authentication through a TACACS+ server and then join the cluster by using the Cisco ESA CLI
View answer
Correct Answer: A
Question #95
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion PreventionSystem?
A. ecurity Intelligence
B. mpact Flags
C. ealth Monitoring
D. RL Filtering
View answer
Correct Answer: B
Question #96
In a PaaS model, which layer is the tenant responsible for maintaining and patching?
A. ypervisor
B. irtual machine
C. etwork
D. pplication
View answer
Correct Answer: D
Question #97
The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?
A. DN controller and the cloud
B. anagement console and the SDN controller
C. anagement console and the cloud
D. DN controller and the management solution
View answer
Correct Answer: D
Question #98
Which Cisco security solution protects remote users against phishing attacks when they are not connected to the VPN?
A. isco Stealthwatch
B. isco Umbrella
C. isco Firepower
D. GIPS
View answer
Correct Answer: B
Question #99
What is a prerequisite when integrating a Cisco ISE server and an AD domain?
A. lace the Cisco ISE server and the AD server in the same subnet
B. onfigure a common administrator account
C. onfigure a common DNS server
D. ynchronize the clocks of the Cisco ISE server and the AD server
View answer
Correct Answer: D
Question #100
What is a key difference between Cisco Firepower and Cisco ASA?
A. isco ASA provides access control while Cisco Firepower does not
B. isco Firepower provides identity-based access control while Cisco ASA does not
C. isco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not
D. isco ASA provides SSL inspection while Cisco Firepower does not
View answer
Correct Answer: C
Question #101
What is the target in a phishing attack?
A. erimeter firewall
B. PS
C. eb server
D. ndpoint
View answer
Correct Answer: D
Question #102
What provides the ability to program and monitor networks from somewhere other than the DNAC GUI?
A. etFlow
B. esktop client
C. SDM
D. PI
View answer
Correct Answer: D
Question #103
Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)
A. dds authentication to a switch
B. dds a switch to Cisco DNA Center
C. eceives information about a switch
D. eletes a switch from Cisco DNA Center
View answer
Correct Answer: AC
Question #104
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?
A. LSv1
B. LSv1
C. JTLSv1
D. TLSv1
View answer
Correct Answer: D
Question #105
An organization wants to improve its cybersecurity processes and to add intelligence to its data The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA What must be done to accomplish these objectives?
A. reate a Cisco pxGrid connection to NIST to import this information into the security products for policy use
B. reate an automated download of the Internet Storm Center intelligence feed into the Cisco FTD and Cisco WSA databases to tie to the dynamic access control policies
C. ownload the threat intelligence feed from the IETF and import it into the Cisco FTD and Cisco WSA databases
D. onfigure the integrations with Talos Intelligence to take advantage of the threat intelligence that it provides
View answer
Correct Answer: D
Question #106
06. An authorization policy should always implement which of the following concepts?
A. mplicitdeny
B. eedtoknow
C. ccesscontroldebuggingl
D. ccesscontrolfilterl
View answer
Correct Answer: AB
Question #107
On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices?
A. ealth policy
B. ystem policy
C. orrelation policy
D. ccess control policy
E. ealth awareness policy
View answer
Correct Answer: A
Question #108
For Cisco IOS PKI, which two types of Servers are used as a distribution point for CRLs? (Choose two)
A. murf
B. luesnarfing
C. AC spoofing
D. P spoofing
View answer
Correct Answer: BE
Question #109
Which feature is leveraged by advanced antimalware capabilities to be an effective endpomt protection platform?
A. ig data
B. torm centers
C. andboxing
D. locklisting
View answer
Correct Answer: C
Question #110
Refer to the exhibit.What is a result of the configuration?
A. raffic from the DMZ network is redirected
B. raffic from the inside network is redirected
C. ll TCP traffic is redirected
D. raffic from the inside and DMZ networks is redirected
View answer
Correct Answer: D
Question #111
An administrator is adding a new Cisco ISE node to an existing deployment.What must be done to ensure that the addition of the node will be successful when inputting the FQDN?
A. hange the IP address of the new Cisco ISE node to the same network as the others
B. ake the new Cisco ISE node a secondary PAN before registering it with the primary
C. pen port 8905 on the firewall between the Cisco ISE nodes
D. dd the DNS entry for the new Cisco ISE node into the DNS server
View answer
Correct Answer: D
Question #112
What is a benefit of using Cisco FMC over Cisco ASDM?
A. isco FMC uses Java while Cisco ASDM uses HTML5
B. isco FMC provides centralized management while Cisco ASDM does not
C. isco FMC supports pushing configurations to devices while Cisco ASDM does not
D. isco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA devices
View answer
Correct Answer: B
Question #113
An organization has two systems in their DMZ that have an unencrypted link between them for communication.The organization does not have a defined password policy and uses several default accounts on the systems.The application used on those systems also have not gone through stringent code reviews.Which vulnerability would help an attacker brute force their way into the systems?
A. eak passwords
B. ack of input validation
C. issing encryption
D. ack of file permission
View answer
Correct Answer: A
Question #114
Which portion of the network do EPP solutions solely focus on and EDR solutions do not?
A. erver farm
B. erimeter
C. ore
D. ast-West gateways
View answer
Correct Answer: B
Question #115
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation IntrusionPrevention System?
A. ontrol
B. alware
C. RL filtering
D. rotect
View answer
Correct Answer: D
Question #116
Which component of Cisco umbrella architecture increases reliability of the service?
A. nycast IP
B. MP Threat grid
C. isco Talos
D. GP route reflector
View answer
Correct Answer: C
Question #117
Refer to the exhibit.An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMC.The Cisco FTD is not behind a NAT device.Which command is needed to enable this on the Cisco FTD?
A. onfigure manager add DONTRESOLVE kregistration key>
B. onfigure manager add 16
C. onfigure manager add DONTRESOLVE FTD123
D. onfigure manager add
View answer
Correct Answer: D
Question #118
Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic?
A. P and Domain Reputation Center
B. ile Reputation Center
C. P Slock List Center
D. MP Reputation Center
View answer
Correct Answer: A
Question #119
An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism.Which port on the firewall must be opened to allow the CoA traffic to traverse the network?
A. CP 6514
B. DP 1700
C. CP 49
D. DP 1812
View answer
Correct Answer: B
Question #120
Which function is the primary function of Cisco AMP threat Grid?
A. utomated email encryption
B. pplying a real-time URI blacklist
C. utomated malware analysis
D. onitoring network traffic
View answer
Correct Answer: C
Question #121
A network engineer is trying to figure out whether FlexVPN or DMVPN would fit better in their environment.They have a requirement for more stringent security multiple security associations for the connections, more efficient VPN establishment as well consuming less bandwidth.Which solution would be best for this and why?
A. MVPN because it supports IKEv2 and FlexVPN does not
B. lexVPN because it supports IKEv2 and DMVPN does not
C. lexVPN because it uses multiple SAs and DMVPN does not
D. MVPN because it uses multiple SAs and FlexVPN does not
View answer
Correct Answer: C
Question #122
A malicious user gained network access by spoofing printer connections that were authorized using MAB on four different switch ports at the same time.What two catalyst switch security features will prevent further violations? (Choose two)
A. ot1x system-auth-control
B. ot1x pae authenticator
C. uthentication port-control aut
D. aa new-model
View answer
Correct Answer: AE
Question #123
What is a commonality between DMVPN and FlexVPN technologies?
A. lexVPN and DMVPN use IS-IS routing protocol to communicate with spokes
B. lexVPN and DMVPN use the new key management protocol
C. lexVPN and DMVPN use the same hashing algorithms
D. OS routers run the same NHRP code for DMVPN and FlexVPN
View answer
Correct Answer: D
Question #124
Which ASA deployment mode can provide separation of management on a shared appliance?
A. MZ multiple zone mode
B. ransparent firewall mode
C. ultiple context mode
D. outed mode
View answer
Correct Answer: C
Question #125
Refer to the exhibit.An engineer configured wired 802.1x on the network and is unable to get a laptop to authenticate.Which port configuration is missing?
A. uthentication open
B. otlx reauthentication
C. isp enable
D. ot1x pae authenticator
View answer
Correct Answer: D
Question #126
Which API is used for Content Security?
A. X-OS API
B. OS XR API
C. penVuln API
D. syncOS API
View answer
Correct Answer: D
Question #127
DRAG DROP (Drag and Drop is not supported)Drag and drop the capabilities from the left onto the correct technologies on the right.
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #128
Which solution protects hybrid cloud deployment workloads with application visibility and segmentation?
A. exus
B. tealthwatch
C. irepower
D. etration
View answer
Correct Answer: D
Question #129
An engineer wants to generate NetFlow records on traffic traversing the Cisco AS
A. hich Cisco ASAcommand must be used?
B. low-export destination inside 1
C. p flow monitor input
D. p flow-export destination 1
E. low exporter
View answer
Correct Answer: A

View The Updated CCNP Exam Questions

SPOTO Provides 100% Real CCNP Exam Questions for You to Pass Your CCNP Exam!

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: