최신 350-701 무료덤프 - Cisco Implementing and Operating Cisco Security Core Technologies

문제1

In an IaaS cloud services model, which security function is the provider responsible for managing?

A. CASB

B. hypervisor OS hardening

C. Internet proxy

D. firewalling virtual machines

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.

정답:

Explanation:
Application Description automatically generated with low confidence

ExplanationThe Firepower System uses network discovery and identity policies to collect host, application, and user data for traffic on your network. You can use certain types of discovery and identity data to build a comprehensive map of your network assets, perform forensic analysis, behavioral profiling, access control, and mitigate and respond to the vulnerabilities and exploits to which your organization is susceptible.The Cisco Advanced Malware Protection (AMP) solution enables you to detect and block malware, continuously analyze for malware, and get retrospective alerts. AMP for Networks delivers network-based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum - before, during, and after an attack. Designed for Cisco Firepower network threat appliances, AMP for Networks detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.

문제3

Which RADIUS attribute can you use to filter MAB requests in an 802.1 x deployment?

A. 6

B. 1

C. 31

D. 2

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?

A. Cisco Tetration

B. Cisco ISE

C. Cisco AMP for Network

D. Cisco AnyConnect

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Based on the NIST 800-145 guide, which cloud architecture is provisioned for exclusive use by a specific group of consumers from different organizations and may be owned, managed, and operated by one or more of those organizations?

A. hybrid cloud

B. community cloud

C. private cloud

D. public cloud

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?

A. Cisco ISE

B. Cisco NAC

C. Cisco WSA

D. Cisco TACACS+

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제8

An engineer has been tasked with implementing a solution that can be leveraged for securing the cloud users, data, and applications. There is a requirement to use the Cisco cloud native CASB and cloud cybersecurity platform. What should be used to meet these requirements?

A. Cisco NGFW

B. Cisco Umbrella

C. Cisco Cloudlock

D. Cisco Cloud Email Security

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What is the primary benefit of deploying an ESA in hybrid mode?

A. It provides the lowest total cost of ownership by reducing the need for physical appliances

B. It provides email security while supporting the transition to the cloud

C. It provides maximum protection and control of outbound messages

D. You can fine-tune its settings to provide the optimum balance between security and performance for your environment

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

What are the two types of managed Intercloud Fabric deployment models? (Choose two.)

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제11

What is a benefit of using Cisco Umbrella?

A. Files are scanned for viruses before they are allowed to run.

B. It prevents malicious inbound traffic.

C. Attacks can be mitigated before the application connection occurs.

D. DNS queries are resolved faster.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제12

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://<FMC IP>/capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

A. Disable the HTTPS server and use HTTP instead

B. Enable the HTTPS server for the device platform policy

C. Disable the proxy setting on the browser

D. Use the Cisco FTD IP address as the proxy server setting on the browser

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제13

An email administrator is setting up a new Cisco ESA. The administrator wants to enable the blocking of greymail for the end user. Which feature must the administrator enable first?

A. Intelligent Multi-Scan

B. File Analysis

C. IP Reputation Filtering

D. Anti-Virus Filtering

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Refer to the exhibit.

What does the number 15 represent in this configuration?

A. interval in seconds between SNMPv3 authentication attempts

B. access list that identifies the SNMP devices that can access the router

C. privilege level for an authorized user to this router

D. number of possible failed attempts until the SNMPv3 user is locked out

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제15

An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?

A. sniffing the packets between the two hosts

B. sending continuous pings

C. inserting malicious commands into the database

D. overflowing the buffer's memory

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제16

Which term describes when the Cisco Secure Firewall downloads threat intelligence updates from Cisco Tables?

A. authoring

B. consumption

C. sharing

D. analysis

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제17

Which threat intelligence standard contains malware hashes?

A. open command and control

B. trusted automated exchange of indicator information

C. advanced persistent threat

D. structured threat information expression

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제18

An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goal?

A. Modify the user's browser settings to suppress errors from Cisco Umbrella.

B. Install the Cisco Umbrella root CA onto the user's device.

C. Upload the organization root CA to Cisco Umbrella.

D. Restrict access to only websites with trusted third-party signed certificates.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제19

What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.)

A. Create an LDAP authentication realm and disable transparent user identification.

B. Create NTLM or Kerberos authentication realm and enable transparent user identification.

C. Deploy a separate Active Directory agent such as Cisco Context Directory Agent.

D. Deploy a separate eDirectory server; the dent IP address is recorded in this server.

E. The eDirectory client must be installed on each client workstation.

정답: B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제20

What is a prerequisite when integrating a Cisco ISE server and an AD domain?

A. Configure a common DNS server

B. Synchronize the clocks of the Cisco ISE server and the AD server

C. Place the Cisco ISE server and the AD server in the same subnet

D. Configure a common administrator account

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

최신 350-701 무료덤프 - Cisco Implementing and Operating Cisco Security Core Technologies

우리와 연락하기

유용한 링크

최신 업데이트