Practice Exams:

Free 350-701 Exam Braindumps

Pass your Implementing and Operating Cisco Security Core Technologies exam with these free Questions and Answers

Page 2 of 122
PDF with 609 Questions
QUESTION 1

- (Exam Topic 3)
Which algorithm is an NGE hash function?

  1. A. HMAC
  2. B. SHA-1
  3. C. MD5
  4. D. SISHA-2

Correct Answer: D

QUESTION 2

- (Exam Topic 1)
Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?

  1. A. It allows traffic if it does not meet the profile.
  2. B. It defines a traffic baseline for traffic anomaly deduction.
  3. C. It inspects hosts that meet the profile with more intrusion rules.
  4. D. It blocks traffic if it does not meet the profile.

Correct Answer: B

QUESTION 3

- (Exam Topic 3)
A network engineer is trying to figure out whether FlexVPN or DMVPN would fit better in their environment. They have a requirement for more stringent security multiple security associations for the connections, more efficient VPN establishment as well consuming less bandwidth. Which solution would be best for this and why?

  1. A. DMVPN because it supports IKEv2 and FlexVPN does not
  2. B. FlexVPN because it supports IKEv2 and DMVPN does not
  3. C. FlexVPN because it uses multiple SAs and DMVPN does not
  4. D. DMVPN because it uses multiple SAs and FlexVPN does not

Correct Answer: C
FlexVPN supports IKEv2 -> Answer A is not correct.DMVPN supports both IKEv1 & IKEv2 -> Answer B is not correct.FlexVPN support multiple SAs -> Answer D is not correct.

QUESTION 4

- (Exam Topic 1)
Which Cisco Advanced Malware protection for Endpoints deployment architecture is designed to keep data within a network perimeter?

  1. A. cloud web services
  2. B. network AMP
  3. C. private cloud
  4. D. public cloud

Correct Answer: C

QUESTION 5

- (Exam Topic 3)
What is a benefit of using telemetry over SNMP to configure new routers for monitoring purposes?

  1. A. Telemetry uses a pull mehod, which makes it more reliable than SNMP
  2. B. Telemetry uses push and pull, which makes it more scalable than SNMP
  3. C. Telemetry uses push and pull which makes it more secure than SNMP
  4. D. Telemetry uses a push method which makes it faster than SNMP

Correct Answer: D
SNMP polling can often be in the order of 5-10 minutes, CLIs are unstructured and prone to change which can often break scripts.The traditional use of the pull model, where the client requests data from the network does not scale when what you want is near real-time data.Moreover, in some use cases, there is the need to be notified only when some data changes, like interfaces status, protocol neighbors change etc.Model-Driven Telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model and provides near real-time access to operational statistics.
Referfence: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/streaming telemetry

Page 2 of 122
PDF with 609 Questions

Post your Comments and Discuss Cisco 350-701 exam with other Community members: