350-701 Online Practice Questions and Answers

DRAG DROP

Drag and drop the capabilities from the left onto the correct technologies on the right.

Select and Place:

Which benefit does endpoint security provide the overall security posture of an organization?

A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.

B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.

C. It allows the organization to detect and respond to threats at the edge of the network.

D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.

Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two)

A. accounting

B. assurance

C. automation

D. authentication

E. encryption

Which compliance status is shown when a configured posture policy requirement is not met?

A. compliant

B. unknown

C. authorized

D. noncompliant

Which two preventive measures are used to control cross-site scripting? (Choose two)

A. Enable client-side scripts on a per-domain basis.

B. Incorporate contextual output encoding/escaping.

C. Disable cookie inspection in the HTML inspection engine.

D. Run untrusted HTML input through an HTML sanitization engine.

E. Same Site cookie attribute should not be used.

What are two recommended approaches to stop DNS tunneling for data exfiltration and command and control call backs? (Choose two.)

A. Use intrusion prevention system.

B. Block all TXT DNS records.

C. Enforce security over port 53.

D. Use next generation firewalls.

E. Use Cisco Umbrella.

An organization wants to improve its cybersecurity processes and to add intelligence to its data The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA What must be done to accomplish these objectives?

A. Create a Cisco pxGrid connection to NIST to import this information into the security products for policy use

B. Create an automated download of the Internet Storm Center intelligence feed into the Cisco FTD and Cisco WSA databases to tie to the dynamic access control policies.

C. Download the threat intelligence feed from the IETF and import it into the Cisco FTD and Cisco WSA databases

D. Configure the integrations with Talos Intelligence to take advantage of the threat intelligence that it provides.

A network administrator needs to find out what assets currently exist on the network. Third- party systems need to be able to feed host data into Cisco Firepower. What must be configured to accomplish this?

A. a Network Discovery policy to receive data from the host

B. a Threat Intelligence policy to download the data from the host

C. a File Analysis policy to send file data into Cisco Firepower

D. a Network Analysis policy to receive NetFlow data from the host