Free 350-701 Sample Questions — Implementing and Operating Cisco Security Core Technologies

Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?

• A. quality of service
• B. time synchronization
• C. network address translations
• D. intrusion policy

In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)

• A. It prevents use of compromised accounts and social engineering
• B. It automatically removes malicious emails from users' inbox
• C. It secures all passwords that are shared in video conferences
• D. It prevents trojan horse malware using sensors
• E. It prevents all zero-day attacks coming from the Internet

Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

• A. Cisco Advanced Malware Protection
• B. Cisco Stealthwatch
• C. Cisco Identity Services Engine
• D. Cisco AnyConnect

An engineer must configure a Cisco Secure Email Gateway to use DLP for a company. The company also wants to see the content of emails that violate the DLP policy. Which configuration must be modified in the Data Loss Prevention Settings section to meet the requirements?

• A. DLP Message Action
• B. Matched Content Logging
• C. Secure Reply All
• D. Secure Message Forwarding

Which system facilitates deploying microsegmentation and multi-tenancy services with a policy-based container?

• A. SDLC
• B. Lambda
• C. Contiv
• D. Docker

Which statement describes a serverless application?

• A. The application delivery controller in front of the server farm designates on which server the application runs each time
• B. The application runs from an ephemeral, event-triggered, and stateless container that is fully managed by a cloud provider
• C. The application is installed on network equipment and not on physical servers
• D. The application runs from a containerized environment that is managed by Kubernetes or Docker Swarm

What is a feature of an endpoint detection and response solution?

• A. ensuring the security of network devices by choosing which devices are allowed to reach the network
• B. capturing and clarifying data on email, endpoints, and servers to mitigate threats
• C. rapidly and consistently observing and examining data to mitigate threats
• D. preventing attacks by identifying harmful events with machine learning and conduct-based defense

What are two functionalities of northbound and southbound APIs within Cisco SDN architecture? (Choose two.)

• A. Northbound APIs utilize RESTful API methods such as GET, POST, and DELETE
• B. Southbound APIs utilize CLI, SNMP, and RESTCONF
• C. Southbound APIs are used to define how SDN controllers integrate with applications
• D. Northbound interfaces utilize OpenFlow and OpFlex to integrate with network devices
• E. Southbound interfaces utilize device configurations such as VLANs and IP addresses

What is the purpose of the certificate signing request when adding a new certificate for a server?

• A. It provides the certificate client information so the server can authenticate against it when installing
• B. It provides the server information so a certificate can be created and signed
• C. It is the password for the certificate that is needed to install it with
• D. It is the certificate that will be loaded onto the server

What are two functions of secret key cryptography? (Choose two.)

• A. utilization of less memory
• B. utilization of large prime number iterations
• C. utilization of different keys for encryption and decryption
• D. key selection without integer factorization
• E. provides the capability to only know the key on one side

Which two mechanisms are used to control phishing attacks? (Choose two.)

• A. Enable browser alerts for fraudulent websites
• B. Define security group memberships
• C. Revoke expired CRL of the websites
• D. Use antispyware software
• E. Implement email filtering techniques

An engineer is configuring guest WLAN access using Cisco ISE and the Cisco WLC. Which action temporarily gives guest endpoints access dynamically while maintaining visibility into who or what connecting?

• A. Configure ISE and the WLC for quest redirection and services using a self-registered portal
• B. Modify the WLC configuration to allow any endpoint to access an internet-only VLAN
• C. Configure ISE and the WLC for guest redirection and services using a hotspot portal
• D. Modify the WLC configuration to require local WLC logins for the authentication prompts

How does a WCCP-configured router identify if the Cisco WSA is functional?

• A. If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the router
• B. If an ICMP ping fails three consecutive times between a router and the WSA, traffic is no longer transmitted to the WSA
• C. The WSA-sends a Here-I-Am message every 10 seconds, and the router acknowledges with an I-See-You message
• D. The router sends a Here-I-Am message every 10 seconds, and the WSA acknowledges with an I-See-You message

In which two ways does a system administrator send web traffic transparently to the Cisco WSA? (Choose two.)

• A. use Web Cache Communication Protocol
• B. configure AD Group Policies to push proxy settings
• C. configure the proxy IP address in the web-browser settings
• D. configure policy-based routing on the network infrastructure
• E. reference a Proxy Auto Config file

An engineer needs behavioral analysis to detect malicious activity on the hosts, and is configuring the organization's public cloud to send telemetry using the cloud provider's mechanisms to a security device. Which mechanism should the engineer configure to accomplish this goal?

• A. sFlow
• B. NetFlow
• C. mirror port
• D. VPC flow logs

Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

• A. Cisco Secure Network Analytics
• B. Cisco ISE
• C. Cisco AMP
• D. Cisco Secure Client

A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface. How does the switch behave in this situation?

• A. It drops the packet after validation by using the IP & MAC Binding Table
• B. It forwards the packet without validation
• C. It forwards the packet after validation by using the IP & MAC Binding Table
• D. It drops the packet without validation

An engineer needs to configure an access control policy rule to always send traffic for inspection without using the default action. Which action should be configured for this rule?

• A. monitor
• B. trust
• C. allow
• D. block

Which two tasks are required when a decryption policy is implemented on a Cisco WSA? (Choose two.)

• A. Configure invalid certificate handling
• B. Upload a root certificate and private key
• C. Enable real-time revocation status checking
• D. Enable HTTPS attack protection
• E. Enable the HTTPS proxy

Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS?

• A. Cisco Defense Orchestrator
• B. Cisco Configuration Professional
• C. Cisco Secureworks
• D. Cisco DNAC