Practice Exams:

Free 350-701 Exam Braindumps

Pass your Implementing and Operating Cisco Security Core Technologies exam with these free Questions and Answers

Page 7 of 122
PDF with 609 Questions
QUESTION 26

- (Exam Topic 2)
An organization has a Cisco ESA set up with policies and would like to customize the action assigned for violations. The organization wants a copy of the message to be delivered with a message added to flag it as a DLP violation. Which actions must be performed in order to provide this capability?

  1. A. deliver and send copies to other recipients
  2. B. quarantine and send a DLP violation notification
  3. C. quarantine and alter the subject header with a DLP violation
  4. D. deliver and add disclaimer text

Correct Answer: D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_A

QUESTION 27

- (Exam Topic 3)
When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources?

  1. A. CDP
  2. B. NTP
  3. C. syslog
  4. D. DNS

Correct Answer: B

QUESTION 28

- (Exam Topic 2)
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
350-701 dumps exhibit
Solution:
Application Description automatically generated with low confidence explanation The Firepower System uses network discovery and identity policies to collect host, application, and user data for traffic on your network. You can use certain types of discovery and identity data to build a comprehensive map of your network assets, perform forensic analysis, behavioral profiling, access control, and mitigate and respond to the vulnerabilities and exploits to which your organization is susceptible.The Cisco Advanced Malware Protection (AMP) solution enables you to detect and block malware, continuously analyze for malware, and get retrospective alerts. AMP for Networks delivers network-based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum – before, during, and after an attack. Designed for Cisco Firepower® network threat appliances, AMP for Networks detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.

Does this meet the goal?

  1. A. Yes
  2. B. No

Correct Answer: A

QUESTION 29

- (Exam Topic 1)
What two mechanisms are used to redirect users to a web portal to authenticate to ISE for guest services? (Choose two)

  1. A. multiple factor auth
  2. B. local web auth
  3. C. single sign-on
  4. D. central web auth
  5. E. TACACS+

Correct Answer: BD

QUESTION 30

- (Exam Topic 3)
A small organization needs to reduce the VPN bandwidth load on their headend Cisco ASA in order to
ensure that bandwidth is available for VPN users needing access to corporate resources on the10.0.0.0/24 local HQ network. How is this accomplished without adding additional devices to the
network?

  1. A. Use split tunneling to tunnel traffic for the 10.0.0.0/24 network only.
  2. B. Configure VPN load balancing to distribute traffic for the 10.0.0.0/24 network,
  3. C. Configure VPN load balancing to send non-corporate traffic straight to the internet.
  4. D. Use split tunneling to tunnel all traffic except for the 10.0.0.0/24 network.

Correct Answer: A

Page 7 of 122
PDF with 609 Questions

Post your Comments and Discuss Cisco 350-701 exam with other Community members: