Updated Cisco 350-701 SCOR Exam Dumps for Effective Exam Preparation

The Cisco 350-701 SCOR certification exam tests your ability to implement and operate core security technologies across various domains, including network security, cloud security, content security, endpoint protection and detection, secure network access, and visibility and enforcement. Passing this exam requires a comprehensive understanding of these areas, which can be achieved through diligent exam preparation using the right study materials and exam resources. Mock exams and practice tests are invaluable tools that provide realistic exam questions and answers, closely mimicking the actual SCOR exam format and content. These test questions cover a wide range of topics, such as firewalls, VPNs, intrusion prevention systems (IPS), secure access control methods, and security monitoring and logging. By regularly practicing with these exam questions, you can identify knowledge gaps, reinforce your understanding, and develop effective problem-solving strategies. In addition to mock exams, it's essential to utilize official Cisco study guides, training courses, and other exam resources. These materials offer in-depth explanations, real-world scenarios, and expert insights, ensuring you have a comprehensive understanding of the concepts covered in the SCOR exam. Consistent exam preparation, combined with regular mock exam practice, will increase your chances of earning this prestigious Cisco certification, validating your expertise in implementing and operating core security technologies.

Question #1
What is the term for having information about threats and threat actors that helps mitigate harmful events that would otherwise compromise networks or systems?
A. Trusted automated exchange
B. Indicators of Compromise
C. The Exploit Database
D. Threat intelligence
Correct Answer: D
Question #2
An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management port conflicts with other communications on the network and must be changed. What must be done to ensure that all devices can communicate together?
A. Manually change the management port on Cisco FMC and all managed Cisco FTD devices
B. Set the tunnel to go through the Cisco FTD
C. Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices
D. Set the tunnel port to 8305
Correct Answer: A
Question #3
Refer to the exhibit. A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status. What is the problem according to this command output?
A. Hashing algorithm mismatch
B. Encryption algorithm mismatch
C. Authentication key mismatch
D. Interesting traffic was not applied
Correct Answer: C
Question #4
Which type of algorithm provides the highest level of protection against brute-force attacks?
A. PFS
B. HMAC
C. MD5
D. SHA
Correct Answer: D
Question #5
An administrator is adding a new switch onto the network and has configured AAA for network access control. When testing the configuration, the RADIUS authenticates to Cisco ISE but is being rejected. Why is the ip radius source-interface command needed for this configuration?
A. Only requests that originate from a configured NAS IP are accepted by a RADIUS server
B. The RADIUS authentication key is transmitted only from the defined RADIUS source interface
C. RADIUS requests are generated only by a router if a RADIUS source interface is defined
D. Encrypted RADIUS authentication requires the RADIUS source interface be defined
Correct Answer: A
Question #6
Which DevSecOps implementation process gives a weekly or daily update instead of monthly or quarterly in the applications?
A. Orchestration
B. CI/CD pipeline
C. Container
D. Security
Correct Answer: B
Question #7
Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent? (Choose two)
A. Pristine
B. Malware
C. Dirty
D. Non malicious
Correct Answer: CE
Question #8
DRAG DROP Drag and drop the solutions from the left onto the solution's benefits on the right.
A. See Explanation section for answer
Correct Answer: A
Question #9
How is Cisco Umbrella configured to log only security events?
A. Per policy
B. In the Reporting settings
C. In the Security Settings section
D. Per network in the Deployments section
Correct Answer: A
Question #10
How does Cisco Umbrella archive logs to an enterprise owned storage?
A. By using the Application Programming Interface to fetch the logs
B. By sending logs via syslog to an on-premises or cloud-based syslog server
C. By the system administrator downloading the logs from the Cisco Umbrella web portal
D. By being configured to send logs to a self-managed AWS S3 bucket
Correct Answer: D
Question #11
After deploying a Cisco ESA on your network, you notice that some messages fail to reach their destinations. Which task can you perform to determine where each message was lost?
A. Configure the trackingconfig command to enable message tracking
B. Generate a system report
C. Review the log files
D. Perform a trace
Correct Answer: A
Question #12
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group?
A. Posture assessment
B. CoA
C. External identity source
D. SNMP probe
Correct Answer: B
Question #13
How does Cisco Stealthwatch Cloud provide security for cloud environments?
A. It facilitates secure connectivity between public and private networks
B. It prevents exfiltration of sensitive data
C. It delivers visibility and threat detection
D. It assigns Internet-based DNS protection for clients and servers
Correct Answer: C
Question #14
Refer to the exhibit. What does the API do when connected to a Cisco security appliance?
A. Get the process and PID information from the computers in the network
B. Create an SNMP pull mechanism for managing AMP
C. Gather network telemetry information from AMP for endpoints
D. Gather the network interface information about the computers AMP sees
Correct Answer: D
Question #15
Which type of protection encrypts RSA keys when they are exported and imported?
A. File
B. Passphrase
C. NGE
D. Nonexportable
Correct Answer: B
Question #16
Cisco SensorBase gathers threat information from a variety of Cisco products and services and performs analytics to find patterns on threats. Which term describes this process?
A. Deployment
B. Consumption
C. Authoring
D. Sharing
Correct Answer: A
Question #17
Refer to the exhibit. An engineer is implementing a certificate based VPN. What is the result of the existing configuration?
A. Only an IKEv2 peer that has an OU certificate attribute set to MANGLER establishes an IKEv2 SA successfully
B. The OU of the IKEv2 peer certificate is used as the identity when matching an IKEv2 authorization policy
C. The OU of the IKEv2 peer certificate is set to MANGLER
D. The OU of the IKEv2 peer certificate is encrypted when the OU is set to MANGLER
Correct Answer: B
Question #18
An MDM provides which two advantages to an organization with regards to device management?
A. Critical device management
B. Network device management
C. Allowed application management
D. Asset inventory management
Correct Answer: CD
Question #19
Which service allows a user to export application usage and performance statistics with Cisco Application Visibility and Control?
A. SNORT
B. NetFlow
C. SNMP
D. 02
Correct Answer: B
Question #20
Which form of attack is launched using botnets?
A. TCP flood
B. DDOS
C. DOS
D. Virus
Correct Answer: B
Question #21
A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organization to allow for additional protocols to terminate network devices with. They currently only have one policy established and need the new policy to be a backup in case some devices cannot support the stronger algorithms listed in the primary policy. What should be done in order to support this?
A. Change the integrity algorithms to SHA* to support all SHA algorithms in the primary policy
B. Make the priority for the new policy 5 and the primary policy 1
C. Change the encryption to AES* to support all AES algorithms in the primary policy
D. Make the priority for the primary policy 10 and the new policy 1
Correct Answer: B
Question #22
What is a characteristic of Dynamic ARP Inspection?
A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database
B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted
C. DAI associates a trust state with each switch
D. DAI intercepts all ARP requests and responses on trusted ports only
Correct Answer: A
Question #23
What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)
A. Ensure that the client computers are pointing to the on-premises DNS servers
B. Enable the Intelligent Proxy to validate that traffic is being routed correctly
C. Add the public IP address that the client computers are behind to a Core Identity
D. Browse to http://welcome
Correct Answer: AD
Question #24
In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?
A. When there is a need for traditional anti-malware detection
B. When there is no need to have the solution centrally managed
C. When there is no firewall on the network
D. When there is a need to have more advanced detection capabilities
Correct Answer: D
Question #25
Which technology is used to improve web traffic performance by proxy caching?
A. SA
B. Firepower
C. FireSIGHT
D. SA
Correct Answer: A
Question #26
When configuring ISAKMP for IKEv1 Phase1 on a Cisco IOS router, an administrator needs to input the command crypto isakmp key cisco address 0.0.0.0. The administrator is not sure what the IP addressing in this command is used for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?
A. The key server that is managing the keys for the connection will be at 1
B. The remote connection will only be allowed from 1
C. The address that will be used as the crypto validation authority
D. All IP addresses other than 1
Correct Answer: B
Question #27
What does Cisco AMP for Endpoints use to help an organization detect different families of malware?
A. Ethos Engine to perform fuzzy fingerprinting
B. Tetra Engine to detect malware when the endpoint is connected to the cloud
C. Clam AV Engine to perform email scanning
D. Spero Engine with machine learning to perform dynamic analysis
Correct Answer: A
Question #28
When using Cisco AMP for Networks which feature copies a file to the Cisco AMP cloud for analysis?
A. Cloud web services
B. Network AMP
C. Private cloud
D. Public cloud
Correct Answer: B
Question #29
Which two cryptographic algorithms are used with IPsec? (Choose two)
A. LDAP injection
B. Man-in-the-middle
C. Cross-site scripting
D. Insecure API
Correct Answer: CE
Question #30
Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?
A. aaa server radius dynamic-author
B. aaa new-model
C. auth-type all
D. ip device-tracking
Correct Answer: D
Question #31
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?
A. Group Policy
B. Access Control Policy
C. Device Management Policy
D. Platform Service Policy
Correct Answer: D
Question #32
Why would a user choose an on-premises ESA versus the CES solution?
A. Sensitive data must remain onsite
B. Demand is unpredictable
C. The server team wants to outsource this service
D. ESA is deployed inline
Correct Answer: A
Question #33
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?
A. DES
B. SA
C. ES
D. ES
Correct Answer: B
Question #34
Which statement about IOS zone-based firewalls is true?
A. An unassigned interface can communicate with assigned interfaces
B. Only one interface can be assigned to a zone
C. An interface can be assigned to multiple zones
D. An interface can be assigned only to one zone
Correct Answer: D
Question #35
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error.
A. Client computers do not have the Cisco Umbrella Root CA certificate installed
B. IP-Layer Enforcement is not configured
C. Client computers do not have an SSL certificate deployed from an internal CA server
D. Intelligent proxy and SSL decryption is disabled in the policy
Correct Answer: A
Question #36
Which benefit is provided by ensuring that an endpoint is compliant with a posture policy configured in Cisco ISE?
A. It allows the endpoint to authenticate with 802
B. It verifies that the endpoint has the latest Microsoft security patches installed
C. It adds endpoints to identity groups dynamically
D. It allows CoA to be applied if the endpoint status is compliant
Correct Answer: A
Question #37
Which SNMPv3 configuration must be used to support the strongest security possible?
A. asa-host(config)#snmp-server group myv3 v3 priv asa-host(config)#snmp-server user andy myv3 auth sha cisco priv des ciscXXXXXXXX asa-host(config)#snmp-server host inside 10
B. asa-host(config)#snmp-server group myv3 v3 noauth asa-host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX asa-host(config)#snmp-server host inside 10
C. asa-host(config)#snmpserver group myv3 v3 noauth asa-host(config)#snmp-server user andy myv3 auth sha cisco priv 3des ciscXXXXXXXX asa-host(config)#snmp-server host inside 10
D. asa-host(config)#snmp-server group myv3 v3 priv asa-host(config)#snmp-server user andy myv3 auth sha cisco priv aes 256 ciscXXXXXXXX asa-host(config)#snmp-server host inside 10
Correct Answer: D
Question #38
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?
A. Modify an access policy
B. Modify identification profiles
C. Modify outbound malware scanning policies
D. Modify web proxy settings
Correct Answer: D
Question #39
When choosing an algorithm to use, what should be considered about Diffie Hellman and RSA for key establishment?
A. RSA is an asymmetric key establishment algorithm intended to output symmetric keys
B. RSA is a symmetric key establishment algorithm intended to output asymmetric keys
C. DH is a symmetric key establishment algorithm intended to output asymmetric keys
D. DH is an asymmetric key establishment algorithm intended to output symmetric keys
Correct Answer: D
Question #40
How does Cisco Workload Optimization Manager help mitigate application performance issues?
A. It deploys an AWS Lambda system
B. It automates resource resizing
C. It optimizes a flow path
D. It sets up a workload forensic score
Correct Answer: B
Question #41
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)
A. Mandated security controls and check lists
B. Security scanning and theoretical vulnerabilities
C. Development security
D. Isolated security team
Correct Answer: DE
Question #42
Which capability is exclusive to a Cisco AMP public cloud instance as compared to a private cloud instance?
A. RBAC
B. ETHOS detection engine
C. SPERO detection engine
D. TETRA detection engine
Correct Answer: B
Question #43
DRAG DROP (Drag and Drop is not supported) Drag and drop the cloud security assessment components from the left onto the definitions on the right.
A. See Explanation section for answer
Correct Answer: A
Question #44
Which RADIUS attribute can you use to filter MAB requests in an 802.1X deployment?
A. DHCP snooping has not been enabled on all VLANs
B. The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users
C. Dynamic ARP Inspection has not been enabled on all VLANs
D. The no ip arp inspection trust command is applied on all user host interfaces
Correct Answer: C
Question #45
Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?
A. event
B. intent
C. integration
D. multivendor
Correct Answer: B
Question #46
An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK and sequence. Which protocol accomplishes this goal?
A. AES-192
B. IKEv1
C. AES-256
D. ESP
Correct Answer: D
Question #47
With which components does a southbound API within a software-defined network architecture communicate?
A. Controllers within the network
B. Applications
C. Appliances
D. Devices such as routers and switches
Correct Answer: D
Question #48
Refer to the exhibit. When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism in conjunction with AAA authentication using machine certificates. Which configuration item must be modified to allow this?
A. Group Policy
B. Method
C. SAML Server
D. DHCP Servers
Correct Answer: B
Question #49
Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?
A. Cisco Tetration
B. Cisco ISE
C. Cisco AMP for Network
D. Cisco AnyConnect
Correct Answer: A
Question #50
Which telemetry data captures variations seen within the flow, such as the packets TTL, IP/TCP flags, and payload length?
A. Interpacket variation
B. Software package variation
C. Flow insight variation
D. Process details variation
Correct Answer: A
Question #51
What are two features of NetFlow flow monitoring? (Choose two)
A. Transport mode
B. Forward file
C. PAC file
D. Bridge mode
Correct Answer: AE
Question #52
Which two mechanisms are used to control phishing attacks? (Choose two)
A. Deceptive phishing is an attack aimed at a specific user in the organization who holds a C-level role
B. A spear phishing campaign is aimed at a specific person versus a group of people
C. Spear phishing is when the attack is aimed at the C-level executives of an organization
D. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage
Correct Answer: AE
Question #53
Which solution combines Cisco IOS and IOS XE components to enable administrators to recognize applications, collect and send network metrics to Cisco Prime and other third-party management tools, and prioritize application traffic?
A. Cisco Security Intelligence
B. Cisco Application Visibility and Control
C. Cisco Model Driven Telemetry
D. Cisco DNA Center
Correct Answer: B
Question #54
When wired 802.1X authentication is implemented, which two components are required? (Choose two)
A. show dot1x all
B. show dot1x
C. show dot1x all summary
D. show dot1x interface gi1/0/12
Correct Answer: AC
Question #55
DRAG DROP (Drag and Drop is not supported) Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.
A. See Explanation section for answer
Correct Answer: A
Question #56
What is the primary role of the Cisco Email Security Appliance?
A. Mail Submission Agent
B. Mail Transfer Agent
C. Mail Delivery Agent
D. Mail User Agent
Correct Answer: B
Question #57
Which posture assessment requirement provides options to the client for remediation and requires the remediation within a certain timeframe?
A. Audit
B. Mandatory
C. Optional
D. Visibility
Correct Answer: B
Question #58
Refer to the exhibit. What does the number 15 represent in this configuration?
A. privilege level for an authorized user to this router
B. access list that identifies the SNMP devices that can access the router
C. interval in seconds between SNMPv3 authentication attempts
D. number of possible failed attempts until the SNMPv3 user is locked out
Correct Answer: B
Question #59
Which VPN technology can support a multivendor environment and secure traffic between sites?
A. SSL VPN
B. GET VPN
C. FlexVPN
D. DMVPN
Correct Answer: C
Question #60
Which benefit does endpoint security provide the overall security posture of an organization?
A. It streamlines the incident response process to automatically perform digital forensics on the endpoint
B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain
C. It allows the organization to detect and respond to threats at the edge of the network
D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect
Correct Answer: D
Question #61
Which action controls the amount of URI text that is stored in Cisco WSA log files?
A. Configure the datasecurityconfig command
B. Configure the advancedproxyconfig command with the HTTPS subcommand
C. Configure a small log-entry size
D. Configure a maximum packet size
Correct Answer: B
Question #62
What is the difference between deceptive phishing and spear phishing?
A. Deceptive phishing is an attack aimed at a specific user in the organization who holds a C-level role
B. A spear phishing campaign is aimed at a specific person versus a group of people
C. Spear phishing is when the attack is aimed at the C-level executives of an organization
D. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage
Correct Answer: B
Question #63
What is a characteristic of traffic storm control behavior?
A. Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval
B. Traffic storm control cannot determine if the packet is unicast or broadcast
C. Traffic storm control monitors incoming traffic levels over a 10-second traffic storm control interval
D. Traffic storm control uses the Individual/Group bit in the packet source address to determine if the packet is unicast or broadcast
Correct Answer: A
Question #64
How does Cisco Stealthwatch Cloud provide security for cloud environments?
A. It delivers visibility and threat detection
B. It prevents exfiltration of sensitive data
C. It assigns Internet-based DNS protection for clients and servers
D. It facilitates secure connectivity between public and private networks
Correct Answer: A
Question #65
An engineer is configuring AMP for endpoints and wants to block certain files from executing. Which outbreak control method is used to accomplish this task?
A. Device flow correlation
B. Simple detections
C. Application blocking list
D. Advanced custom detections
Correct Answer: C
Question #66
Refer to the exhibit. A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced. What is the cause of this issue?
A. The key was configured in plain text
B. NTP authentication is not enabled
C. The hashing algorithm that was used was MD5
D. The router was not rebooted after the NTP configuration updated
Correct Answer: B
Question #67
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
A. Smurf
B. Distributed denial of service
C. Cross-site scripting
D. Rootkit exploit
Correct Answer: C
Question #68
In which cloud services model is the tenant responsible for virtual machine OS patching?
A. aaS
B. CaaS
C. aaS
D. aaS
Correct Answer: A
Question #69
Which Cisco product is open, scalable, and built on IETF standards to allow multiple security products from Cisco and other vendors to share data and interoperate with each other?
A. Intent-based APIs
B. Automation adapters
C. Domain integration
D. Application adapters
Correct Answer: B
Question #70
An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead. Which solution meets these requirements?
A. Cisco Stealthwatch Cloud
B. Cisco Umbrella
C. NetFlow collectors
D. Cisco Cloudlock
Correct Answer: A
Question #71
An organization wants to provide visibility and to identify active threats in its network using a VM. The organization wants to extract metadata from network packet flow while ensuring that payloads are not retained or transferred outside the network. Which solution meets these requirements?
A. Cisco Umbrella Cloud
B. Cisco Stealthwatch Cloud PNM
C. Cisco Stealthwatch Cloud PCM
D. Cisco Umbrella On-Premises
Correct Answer: B
Question #72
A customer has various external HTTP resources available including Intranet, Extranet, and Internet, with a proxy configuration running in explicit mode. Which method allows the client desktop browsers to be configured to select when to connect direct or when to use the proxy?
A. Transparent mode
B. Forward file
C. PAC file
D. Bridge mode
Correct Answer: C
Question #73
Which two activities can be done using Cisco DNA Center? (Choose two)
A. Cisco Rapid Threat Containment
B. Cisco Platform Exchange Grid
C. Cisco Advanced Malware Protection
D. Cisco Stealthwatch Cloud
Correct Answer: BE
Question #74
What is the function of Cisco Cloudlock for data security?
A. Data loss prevention
B. Controls malicious cloud apps
C. Detects anomalies
D. User and entity behavior analytics
Correct Answer: A
Question #75
Which Cisco solution does Cisco Umbrella integrate with to determine if a URL is malicious?
A. AMP
B. AnyConnect
C. DynDNS
D. Talos
Correct Answer: D
Question #76
What are two characteristics of Cisco DNA Center APIs? (Choose two)
A. It indicates what type of operating system is connecting to the network
B. It validates if anti-virus software is installed
C. It scans endpoints to determine if malicious activity is taking place
D. It detects email phishing attacks
Correct Answer: DE
Question #77
An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with the configuration. The simple detection mechanism is configured, but the dashboard indicates that the hash is not 64 characters and is non-zero. What is the issue?
A. The engineer is attempting to upload a hash created using MD5 instead of SHA-256
B. The file being uploaded is incompatible with simple detections and must use advanced detections
C. The hash being uploaded is part of a set in an incorrect format
D. The engineer is attempting to upload a file instead of a hash
Correct Answer: A
Question #78
What is a characteristic of Dynamic ARP Inspection?
A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database
B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted
C. DAI associates a trust state with each switch
D. DAI intercepts all ARP requests and responses on trusted ports only
Correct Answer: A
Question #79
Which functions of an SDN architecture require southbound APIs to enable communication?
A. SDN controller and the network elements
B. Management console and the SDN controller
C. Management console and the cloud
D. SDN controller and the cloud
Correct Answer: A
Question #80
DRAG DROP (Drag and Drop is not supported) Drag and drop the NetFlow export formats from the left onto the descriptions on the right.
A. See Explanation section for answer
Correct Answer: A
Question #81
How is ICMP used as an exfiltration technique?
A. By flooding the destination host with unreachable packets
B. By sending large numbers of ICMP packets with a targeted hosts source IP address using an IP broadcast address
C. By encrypting the payload in an ICMP packet to carry out command and control tasks on a compromised host
D. By overwhelming a targeted host with ICMP echo-request packets
Correct Answer: C
Question #82
Refer to the exhibit. An organization is using DHCP Snooping within their network. A user on VLAN 41 on a new switch is complaining that an IP address is not being obtained. Which command should be configured on the switch interface in order to provide the user with network connectivity?
A. ip dhcp snooping verify mac-address
B. ip dhcp snooping limit 41
C. ip dhcp snooping vlan 41
D. ip dhcp snooping trust
Correct Answer: D
Question #83
What is a difference between a DoS attack and DDoS attack?
A. A DoS attack is where a computer is used to flood a server with TCP packets, whereas DDoS attack is where a computer is used to flood a server with UDP packets
B. A DoS attack is where a computer is used to flood a server with UDP packets, whereas DDoS attack is where a computer is used to flood a server with TCP packets
C. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas DDoS attack is where a computer is used to flood multiple servers that are distributed over a LAN
D. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas DDoS attack is where multiple systems target a single system with a DoS attack
Correct Answer: D
Question #84
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps. Which two actions must be taken to ensure that interfaces are put back into service? (Choose two)
A. Cross-site Scripting is an attack where code is injected into a database, whereas SQL Injection is an attack where code is injected into a browser
B. Cross-site Scripting is a brute force attack targeting remote sites, whereas SQL Injection is a social engineering attack
C. Cross-site Scripting is when executives in a corporation are attacked, whereas SQL Injection is when a database is manipulated
D. Cross-site Scripting is an attack where code is executed from the server side, whereas SQL Injection is an attack where code is executed from the client side
Correct Answer: CE
Question #85
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?
A. Consumption
B. Sharing
C. Analysis
D. Authoring
Correct Answer: A
Question #86
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address. Which list contains the allowed recipient addresses?
A. AT
B. AT
C. AT
D. AT
Correct Answer: D
Question #87
What is a feature of the open platform capabilities of Cisco DNA Center?
A. Application adapters
B. Domain integration
C. Intent-based APIs
D. Automation adapters
Correct Answer: C
Question #88
A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there are no viruses before quarantined emails are delivered. In addition, delivery of mail from known bad mail servers must be prevented. Which two actions must be taken in order to meet these requirements? (Choose two)
A. Service management
B. Centralized management
C. Application management
D. Distributed management
Correct Answer: AE
Question #89
An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication?
A. Configure the Cisco ESA to drop the malicious emails
B. Configure policies to quarantine malicious emails
C. Configure policies to stop and reject communication
D. Configure the Cisco ESA to reset the TCP connection
Correct Answer: D
Question #90
Which command enables 802.1X globally on a Cisco switch?
A. dot1x system-auth-control
B. dot1x pae authenticator
C. authentication port-control auto
D. aaa new-model
Correct Answer: A
Question #91
Which form of attack is launched using botnets?
A. Virus
B. NTP amplification
C. Ping of death
D. HTTP flood
Correct Answer: C
Question #92
Which system facilitates deploying microsegmentation and multi-tenancy services with a policy-based container?
A. SDLC
B. Docker
C. Lambda
D. Contiv
Correct Answer: B
Question #93
A network engineer has been tasked with adding a new medical device to the network. Cisco ISE is being used as the NAC server, and the new device does not have a supplicant available. What must be done in order to securely connect this device to the network?
A. Use MAB with profiling
B. Use MAB with posture assessment
C. Use 802
D. Use 802
Correct Answer: A
Question #94
What are two rootkit types? (Choose two)
A. IDDOS
B. Virus
C. DOS
D. TCP flood
Correct Answer: CD
Question #95
On which part of the IT environment does DevSecOps focus?
A. Application development
B. Wireless network
C. Data center
D. Perimeter network
Correct Answer: A
Question #96
Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?
A. DMVPN
B. FlexVPN
C. IPsec DVTI
D. GET VPN
Correct Answer: D
Question #97
What is a difference between an XSS attack and an SQL injection attack?
A. SQL injection is a hacking method used to attack SQL databases, whereas XSS attacks can exist in many different types of applications
B. XSS is a hacking method used to attack SQL databases, whereas SQL injection attacks can exist in many different types of applications
C. SQL injection attacks are used to steal information from databases, whereas XSS attacks are used to redirect users to websites where attackers can steal data from them
D. XSS attacks are used to steal information from databases, whereas SQL injection attacks are used to redirect users to websites where attackers can steal data from them
Correct Answer: C
Question #98
What is a difference between a DoS attack and a DDoS attack?
A. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas a DDoS attack is where multiple systems target a single system with a DoS attack
B. A DoS attack is where a computer is used to flood a server with TCP and UDP packets, whereas a DDoS attack is where a computer is used to flood multiple servers that are distributed over a LAN
C. A DoS attack is where a computer is used to flood a server with UDP packets, whereas a DDoS attack is where a computer is used to flood a server with TCP packets
D. A DoS attack is where a computer is used to flood a server with TCP packets, whereas a DDoS attack is where a computer is used to flood a server with UDP packets
Correct Answer: A
Question #99
What is a difference between DMVPN and sVTI?
A. Cisco FTDv runs on VMWare while ASAv does not
B. Cisco FTDv provides 1GB of firewall throughput while Cisco ASAv does not
C. Cisco FTDv runs on AWS while ASAv does not
D. Cisco FTDv supports URL filtering while ASAv does not
Correct Answer: B
Question #100
An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically. What must be configured to accomplish this?
A. Configure the Cisco WSA to modify policies based on the traffic seen
B. Configure the Cisco ESA to receive real-time updates from Talos
C. Configure the Cisco WSA to receive real-time updates from Talos
D. Configure the Cisco ESA to modify policies based on the traffic seen
Correct Answer: D
Question #101
An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of 172.19.20.24. Which command on the hub will allow the administrator to accomplish this?
A. crypto ca identity 172
B. crypto isakmp key Cisco0123456789 172
C. crypto enrollment peer address 172
D. crypto isakmp identity address 172
Correct Answer: B
Question #102
DRAG DROP (Drag and Drop is not supported) Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.
A. See Explanation section for answer
Correct Answer: A
Question #103
An administrator wants to ensure that all endpoints are compliant before users are allowed access on the corporate network. The endpoints must have the corporate antivirus application installed and be running the latest build of Windows 10. What must the administrator implement to ensure that all devices are compliant before they are allowed on the network?
A. Cisco Identity Services Engine and AnyConnect Posture module
B. Cisco Stealthwatch and Cisco Identity Services Engine integration
C. Cisco ASA firewall with Dynamic Access Policies configured
D. Cisco Identity Services Engine with PxGrid services enabled
Correct Answer: A