Try Before You Buy

Download a free sample of any of our exam questions and answers

  • 24/7 customer support, Secure shopping site
  • Free One year updates to match real exam scenarios
  • If you failed your exam after buying our products we will refund the full amount back to you.
Free Download
  • Home
  • Articles
  • [Dec-2021] The Best CCNP Security 350-701 Professional Exam Questions [Q15-Q32]

[Dec-2021] The Best CCNP Security 350-701 Professional Exam Questions [Q15-Q32]

Share

[Dec-2021] The Best CCNP Security 350-701 Professional Exam Questions

Try 100% Updated 350-701 Exam Questions [2021]


For more info about Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)

Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)

 

NEW QUESTION 15
Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two)

  • A. accounting
  • B. assurance
  • C. encryption
  • D. authentication
  • E. automation

Answer: B,E

Explanation:
What Cisco DNA Center enables you to do
Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours.
Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent.
Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes.
Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco® solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices.
What Cisco DNA Center enables you to do
Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours.
Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent.
Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes.
Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco® solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices.
Reference:
What Cisco DNA Center enables you to do
Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours.
Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent.
Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes.
Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco® solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices.

 

NEW QUESTION 16
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)

  • A. applications
  • B. middleware
  • C. virtualization
  • D. data
  • E. operating systems

Answer: A,D

Explanation:
Customers must manage applications and data in PaaS.

 

NEW QUESTION 17
Which two cryptographic algorithms are used with IPsec? {Choose two.)

  • A. HMAC-SHA1/SHA2
  • B. AES-BAC
  • C. AES-CBC
  • D. AES-ABC
  • E. Triple AMC-CBC

Answer: A,C

Explanation:
Explanation
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/15-mt/sec-sec-for-vpns-w-ips

 

NEW QUESTION 18
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA.
Which Cisco ASA
command must be used?

  • A. flow-export destination inside 1.1.1.1 2055
  • B. ip flow-export destination 1.1.1.1 2055
  • C. ip flow monitor input
  • D. flow exporter

Answer: A

Explanation:
The syntax of this command is: flow-export destination interface-name ipv4-address | hostname udp-port This command is used on Cisco ASA to configure Network Secure Event Logging (NSEL) collector to which NetFlow packets are sent. The destination keyword indicates that a NSEL collector is being configured. + The interface-name argument is the name of the ASA and ASA Services Module interface through which the collector is reached. + The ipv4-address argument is the IP address of the machine running the collector application. + The hostname argument is the destination IP address or name of the collector. + The udp-port argument is the UDP port number to which NetFlow packets are sent. You can configure a maximum of five collectors. After a collector is configured, template records are automatically sent to all configured NSEL collectors. Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/ monitor_nsel.html
The syntax of this command is: flow-export destination interface-name ipv4-address | hostname udp-port This command is used on Cisco ASA to configure Network Secure Event Logging (NSEL) collector to which NetFlow packets are sent. The destination keyword indicates that a NSEL collector is being configured.
+ The interface-name argument is the name of the ASA and ASA Services Module interface through which the collector is reached.
+ The ipv4-address argument is the IP address of the machine running the collector application.
+ The hostname argument is the destination IP address or name of the collector.
+ The udp-port argument is the UDP port number to which NetFlow packets are sent.
You can configure a maximum of five collectors. After a collector is configured, template records are automatically sent to all configured NSEL collectors.
Reference:
Explanation The syntax of this command is: flow-export destination interface-name ipv4-address | hostname udp-port This command is used on Cisco ASA to configure Network Secure Event Logging (NSEL) collector to which NetFlow packets are sent. The destination keyword indicates that a NSEL collector is being configured. + The interface-name argument is the name of the ASA and ASA Services Module interface through which the collector is reached. + The ipv4-address argument is the IP address of the machine running the collector application. + The hostname argument is the destination IP address or name of the collector. + The udp-port argument is the UDP port number to which NetFlow packets are sent. You can configure a maximum of five collectors. After a collector is configured, template records are automatically sent to all configured NSEL collectors. Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/ monitor_nsel.html

 

NEW QUESTION 19
How many interfaces per bridge group does an ASA bridge group deployment support?

  • A. up to 16
  • B. up to 2
  • C. up to 8
  • D. up to 4

Answer: D

Explanation:
Explanation
Each of the ASAs interfaces need to be grouped into one or more bridge groups. Each of these groups acts as an independent transparent firewall. It is not possible for one bridge group to communicate with another bridge group without assistance from an external router.
As of 8.4(1) upto 8 bridge groups are supported with 2-4 interface in each group. Prior to this only one bridge group was supported and only 2 interfaces.
Up to 4 interfaces are permitted per bridge-group (inside, outside, DMZ1, DMZ2)

 

NEW QUESTION 20
Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?

  • A. southbound API
  • B. westbound AP
  • C. eastbound API
  • D. northbound API

Answer: A

 

NEW QUESTION 21
Which benefit is provided by ensuring that an endpoint is compliant with a posture policy configured in Cisco ISE?

  • A. It allows the endpoint to authenticate with 802.1xor MAB.
  • B. It adds endpoints to identity groups dynamically.
  • C. It verifies that the endpoint has the latest Microsoft security patches installed.
  • D. It allows CoA to be applied if the endpoint status is compliant.

Answer: C

 

NEW QUESTION 22
Which Cisco product provides proactive endpoint protection and allows administrators to centrally manage the deployment?

  • A. ESA
  • B. WSA
  • C. AMP
  • D. NGFW

Answer: C

 

NEW QUESTION 23
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work?

  • A. NMAP
  • B. SNMP
  • C. DHCP
  • D. NetFlow

Answer: A

Explanation:
Explanation Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint.
NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address.
Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes:
+ EndPointPolicy
+ LastNmapScanCount
+ NmapScanCount
+ OUI
+ Operating-system
Explanation Cisco ISE can determine the type of device or endpoint connecting to the network by performing "profiling." Profiling is done by using DHCP, SNMP, Span, NetFlow, HTTP, RADIUS, DNS, or NMAP scans to collect as much metadata as possible to learn the device fingerprint. NMAP ("Network Mapper") is a popular network scanner which provides a lot of features. One of them is the OUI (Organizationally Unique Identifier) information. OUI is the first 24 bit or 6 hexadecimal value of the MAC address. Note: DHCP probe cannot collect OUIs of endpoints. NMAP scan probe can collect these endpoint attributes: + EndPointPolicy + LastNmapScanCount + NmapScanCount + OUI + Operating-system Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling

 

NEW QUESTION 24
Which VPN technology can support a multivendor environment and secure traffic between sites?

  • A. SSL VPN
  • B. DMVPN
  • C. FlexVPN
  • D. GET VPN

Answer: C

 

NEW QUESTION 25
An organization has noticed an increase in malicious content downloads and wants to use Cisco Umbrella to prevent this activity for suspicious domains while allowing normal web traffic. Which action will accomplish this task?

  • A. Configure the intelligent proxy.
  • B. Set content settings to High
  • C. Configure application block lists.
  • D. Use destination block lists.

Answer: A

Explanation:
Obviously, if you allow all traffic to these risky domains, users might access malicious content, resulting in an infection or data leak. But if you block traffic, you can expect false positives, an increase in support inquiries, and thus, more headaches. By only proxying risky domains, the intelligent proxy delivers more granular visibility and control.
The intelligent proxy bridges the gap by allowing access to most known good sites without being proxied and only proxying those that pose a potential risk. The proxy then filters and blocks against specific URLs hosting malware while allowing access to everything else.

 

NEW QUESTION 26

Refer to the exhibit. What is a result of the configuration?

  • A. Traffic from the inside network is redirected.
  • B. Traffic from the inside and DMZ networks is redirected.
  • C. Traffic from the DMZ network is redirected.
  • D. All TCP traffic is redirected.

Answer: B

 

NEW QUESTION 27
An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address.
Which list contains the allowed recipient addresses?

  • A. SAT
  • B. BAT
  • C. RAT
  • D. HAT

Answer: C

 

NEW QUESTION 28
An organization wants to provide visibility and to identify active threats in its network using a VM. The organization wants to extract metadata from network packet flow while ensuring that payloads are not retained or transferred outside the network. Which solution meets these requirements?

  • A. Cisco Stealthwatch Cloud PCM
  • B. Cisco Stealthwatch Cloud PNM
  • C. Cisco Umbrella On-Premises
  • D. Cisco Umbrella Cloud

Answer: B

Explanation:
Explanation Private Network Monitoring (PNM) provides visibility and threat detection for the on-premises network, delivered from the cloud as a SaaS solution. It is the perfect solution for organizations who prefer SaaS products and desire better awareness and security in their on-premises environments while reducing capital expenditure and operational overhead. It works by deploying lightweight software in a virtual machine or server that can consume a variety of native sources of telemetry or extract metadata from network packet flow. It encrypts this metadata and sends it to the Stealthwatch Cloud analytics platform for analysis. Stealthwatch Cloud consumes metadata only. The packet payloads are never retained or transferred outside the network. This lab focuses on how to configure a Stealthwatch Cloud Private Network Monitoring (PNM) Sensor, in order to provide visibility and effectively identify active threats, and monitors user and device behavior within onpremises networks. The Stealthwatch Cloud PNM Sensor is an extremely flexible piece of technology, capable of being utilized in a number of different deployment scenarios. It can be deployed as a complete Ubuntu based virtual appliance on different hypervisors (e.g. -VMware, VirtualBox). It can be deployed on hardware running a number of different Linux-based operating systems. Reference: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/5eU6DfQV/LTRSEC-2240-LG2.pdf Private Network Monitoring (PNM) provides visibility and threat detection for the on-premises network, delivered from the cloud as a SaaS solution. It is the perfect solution for organizations who prefer SaaS products and desire better awareness and security in their on-premises environments while reducing capital expenditure and operational overhead. It works by deploying lightweight software in a virtual machine or server that can consume a variety of native sources of telemetry or extract metadata from network packet flow. It encrypts this metadata and sends it to the Stealthwatch Cloud analytics platform for analysis. Stealthwatch Cloud consumes metadata only. The packet payloads are never retained or transferred outside the network.
This lab focuses on how to configure a Stealthwatch Cloud Private Network Monitoring (PNM) Sensor, in order to provide visibility and effectively identify active threats, and monitors user and device behavior within onpremises networks.
The Stealthwatch Cloud PNM Sensor is an extremely flexible piece of technology, capable of being utilized in a number of different deployment scenarios. It can be deployed as a complete Ubuntu based virtual appliance on different hypervisors (e.g. -VMware, VirtualBox). It can be deployed on hardware running a number of different Linux-based operating systems.
Explanation Private Network Monitoring (PNM) provides visibility and threat detection for the on-premises network, delivered from the cloud as a SaaS solution. It is the perfect solution for organizations who prefer SaaS products and desire better awareness and security in their on-premises environments while reducing capital expenditure and operational overhead. It works by deploying lightweight software in a virtual machine or server that can consume a variety of native sources of telemetry or extract metadata from network packet flow. It encrypts this metadata and sends it to the Stealthwatch Cloud analytics platform for analysis. Stealthwatch Cloud consumes metadata only. The packet payloads are never retained or transferred outside the network. This lab focuses on how to configure a Stealthwatch Cloud Private Network Monitoring (PNM) Sensor, in order to provide visibility and effectively identify active threats, and monitors user and device behavior within onpremises networks. The Stealthwatch Cloud PNM Sensor is an extremely flexible piece of technology, capable of being utilized in a number of different deployment scenarios. It can be deployed as a complete Ubuntu based virtual appliance on different hypervisors (e.g. -VMware, VirtualBox). It can be deployed on hardware running a number of different Linux-based operating systems. Reference: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/5eU6DfQV/LTRSEC-2240-LG2.pdf

 

NEW QUESTION 29
Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?

  • A. authoring
  • B. analysis
  • C. sharing
  • D. consumption

Answer: D

Explanation:
... we will showcase Cisco Threat Intelligence Director (CTID) an exciting feature on Cisco's Firepower Management Center (FMC) product offering that automates the operationalization of threat intelligence. TID has the ability to consume threat intelligence via STIX over TAXII and allows uploads/downloads of STIX and simple blacklists. Reference: https://blogs.cisco.com/developer/automate-threat-intelligence-using-cisco-threat-intelligencedirector
... we will showcase Cisco Threat Intelligence Director (CTID) an exciting feature on Cisco's Firepower
... we will showcase Cisco Threat Intelligence Director (CTID) an exciting feature on Cisco's Firepower Management Center (FMC) product offering that automates the operationalization of threat intelligence. TID has the ability to consume threat intelligence via STIX over TAXII and allows uploads/downloads of STIX and simple blacklists. Reference: https://blogs.cisco.com/developer/automate-threat-intelligence-using-cisco-threat-intelligencedirector

 

NEW QUESTION 30
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats?

  • A. External Threat Feeds
  • B. Cisco Stealthwatch
  • C. Cisco Umbrella
  • D. Cisco Threat Grid

Answer: D

 

NEW QUESTION 31
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?

  • A. privilege escalation
  • B. file access from a different user
  • C. user login suspicious behavior
  • D. interesting file access

Answer: C

 

NEW QUESTION 32
......

350-701 Exam Questions Get Updated [2021] with Correct Answers: https://www.validexam.com/350-701-latest-dumps.html

Pass 350-701 Exam - Real Questions & Answers: https://drive.google.com/open?id=1psWTaOR8VDKkLpp5CNSusDiWRgFg8qja

Related Articles

more
Cisco 350-701 Certification Practice Exam

Our website will provide you with latest exam dumps based on the real exams to make sure you pass valid test in a short time.

Latest Pass Braindumps Exam

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ValidExam NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy