350-701試験問題集でPDF問題とテストエンジン [Q283-Q304]

350-701試験問題集でPDF問題とテストエンジン

350-701問題集で必ず試験合格させる

Cisco 350-701試験は、Cisco Security Solutionsの実装と管理の経験があるITプロフェッショナルを対象としています。ネットワークエンジニア、ネットワーク管理者、ネットワークセキュリティスペシャリスト、サイバーセキュリティアナリストに適しています。この試験は、複雑なセキュリティテクノロジーを扱う候補者の能力と、エンタープライズ環境でセキュリティソリューションの実装と管理に習熟する能力を評価するように設計されています。

Cisco Security Core Technologies（SCOR）の実装と運用に関する試験である、コード番号350-701の試験は、ネットワークセキュリティ、クラウドセキュリティ、コンテンツセキュリティ、エンドポイント保護、セキュアネットワークアクセスの分野における、候補者の専門知識を評価します。この試験は、業界のベストプラクティスと標準を満たすセキュリティソリューションの設計、展開、構成、管理、トラブルシューティング能力を評価するように設計されています。

質問 # 283
An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?

A. CoA Session Query
B. Port Bounce
C. CoA Reauth
D. CoA Terminate

正解：C

質問 # 284
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

A. Prevalence
B. Threat root cause
C. Detections
D. Vulnerable software
E. File analysis

正解：A

解説：
Prevalence allows you to view files that have been executed in your deployment.
Note: Threat Root Cause shows how malware is getting onto your computers.
Prevalence allows you to view files that have been executed in your deployment.
Note: Threat Root Cause shows how malware is getting onto your computers.
Reference:
Prevalence allows you to view files that have been executed in your deployment.
Note: Threat Root Cause shows how malware is getting onto your computers.

質問 # 285
What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?

A. Secure NetFlow connections are optimized for Cisco Prime Infrastructure
B. Multiple NetFlow collectors are supported.
C. Advanced NetFlow v9 templates and legacy v5 formatting are supported.
D. Flow-create events are delayed.

正解：B

解説：
Explanation

質問 # 286
On which part of the IT environment does DevSecOps focus?

A. application development
B. data center
C. perimeter network
D. wireless network

正解：A

質問 # 287
Which network monitoring solution uses streams and pushes operational data to provide a near real-time view of activity?

A. SNMP
B. model-driven telemetry
C. SMTP
D. syslog

正解：B

解説：
The traditional use of the pull model, where the client requests data from the network does not scale when what you want is near real-time data. Moreover, in some use cases, there is the need to be notified only when some data changes, like interfaces status, protocol neighbors change etc. Model-Driven Telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model and provides near real-time access to operational statistics. Applications can subscribe to specific data items they need, by using standard-based YANG data models over NETCONF-YANG. Cisco IOS XE streaming telemetry allows to push data off of the device to an external collector at a much higher frequency, more efficiently, as well as data on-change streaming. Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide Model-Driven Telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model and provides near real-time access to operational statistics.
Applications can subscribe to specific data items they need, by using standard-based YANG data models over NETCONF-YANG. Cisco IOS XE streaming telemetry allows to push data off of the device to an external collector at a much higher frequency, more efficiently, as well as data on-change streaming.
The traditional use of the pull model, where the client requests data from the network does not scale when what you want is near real-time data. Moreover, in some use cases, there is the need to be notified only when some data changes, like interfaces status, protocol neighbors change etc. Model-Driven Telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model and provides near real-time access to operational statistics. Applications can subscribe to specific data items they need, by using standard-based YANG data models over NETCONF-YANG. Cisco IOS XE streaming telemetry allows to push data off of the device to an external collector at a much higher frequency, more efficiently, as well as data on-change streaming. Reference: https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide

質問 # 288
How is ICMP used as an exfiltration technique?

A. by overwhelming a targeted host with ICMP echo-request packets
B. by encrypting the payload in an ICMP packet to carry out command and control tasks on a compromised host
C. by sending large numbers of ICMP packets with a targeted hosts source IP address using an IP broadcast address
D. by flooding the destination host with unreachable packets

正解：B

質問 # 289
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?

A. Google Cloud Platform
B. Red Hat Enterprise Visualization
C. VMware ESXi
D. Amazon Web Services

正解：D

解説：
Reference:

質問 # 290
A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?

A. The policy was created to send a message to quarantine instead of drop
B. The policy was created to disable file analysis
C. The file has a reputation score that is above the threshold
D. The file has a reputation score that is below the threshold

正解：B

解説：
Maybe the "newly installed service" in this Qmentions about Advanced Malware Protection (AMP) which can be used along with ESA. AMP allows superior protection across the attack continuum.
+ File Reputation - captures a fingerprint of each file as it traverses the ESA and sends it to AMP's cloudbased intelligence network for a reputation verdict. Given these results, you can automatically block malicious files and apply administrator-defined policy.
+ File Analysis - provides the ability to analyze unknown files that are traversing the ESA. A highly secure sandbox environment enables AMP to glean precise details about the file's behavior and to combine that data with detailed human and machine analysis to determine the file's threat level. This disposition is then fed into AMP cloud-based intelligence network and used to dynamically update and expand the AMP cloud data set for enhanced protection

質問 # 291
Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

A. network discovery
B. intrusion
C. access control
D. correlation

正解：A

質問 # 292
Which public cloud provider supports the Cisco Next Generation Firewall Virtual?

A. Google Cloud Platform
B. Red Hat Enterprise Visualization
C. VMware ESXi
D. Amazon Web Services

正解：D

解説：
Explanation

質問 # 293
I I
An engineer musiet up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?

A. aging
B. sticky
C. maximum
D. static

正解：B

質問 # 294
Drag and drop the capabilities from the left onto the correct technologies on the right.

正解：

解説：

質問 # 295
What is a commonality between DMVPN and FlexVPN technologies?

A. FlexVPN and DMVPN use the new key management protocol
B. FlexVPN and DMVPN use the same hashing algorithms
C. FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes
D. IOS routers run the same NHRP code for DMVPN and FlexVPN

正解：D

解説：
In its essence, FlexVPN is the same as DMVPN. Connections between devices are still point-to-point GRE tunnels, spoke-to-spoke connectivity is still achieved with NHRP redirect message, IOS routers even run the same NHRP code for both DMVPN and FlexVPN, which also means that both are Cisco's proprietary technologies.

質問 # 296
Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from the left onto the correct definitions on the right.

正解：

解説：

Explanation

Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/detecti

質問 # 297
Which Cisco product is open, scalable, and built on IETF standards to allow multiple security products from Cisco and other vendors to share data and interoperate with each other?

A. Multifactor Platform Integration
B. Firepower Threat Defense
C. Advanced Malware Protection
D. Platform Exchange Grid

正解：D

解説：
Explanation
With Cisco pxGrid (Platform Exchange Grid), your multiple security products can now share data and work together. This open, scalable, and IETF standards-driven platform helps you automate security to get answers and contain threats faster.

質問 # 298
Where are individual sites specified to be blacklisted in Cisco Umbrella?

A. destination lists
B. application settings
C. content categories
D. security settings

正解：A

質問 # 299
Drag and drop the solutions from the left onto the solution's benefits on the right.

正解：

解説：

質問 # 300
Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)

A. access-group
B. flow-export template timeout-rate 15
C. flow-export event-type
D. policy-map
E. access-list

正解：C、D

質問 # 301
Refer to the exhibit.

A network administrator configures command authorization for the admin5 user. What is the admin5 user able to do on HQ_Router after this configuration?

A. set the IP address of an interface
B. add subinterfaces
C. complete all configurations
D. complete no configurations

正解：D

解説：
The user "admin5" was configured with privilege level 5. In order to allow configuration (enter global configuration mode), we must type this command: (config)#privilege exec level 5 configure terminal Without this command, this user cannot do any configuration. Note: Cisco IOS supports privilege levels from 0 to 15, but the privilege levels which are used by default are privilege level 1 (user EXEC) and level privilege 15 (privilege EXEC)

質問 # 302
Which group within Cisco writes and publishes a weekly newsletter to help cybersecurity professionals remain aware of the ongoing and most prevalent threats?