CCNP Security 350-701試験と認定テストエンジン [Q340-Q359]

（PDF)CCNP Security 350-701試験と認定テストエンジン

無料提供中の350-701試験問題集で（2023年最新のPDF問題集）信頼度の高い350-701テストエンジン

質問 # 340
How does Cisco Umbrella archive logs to an enterprise-owned storage?

• A. by being configured to send logs to a self-managed AWS S3 bucket
• B. by using the Application Programming Interface to fetch the logs
• C. by the system administrator downloading the logs from the Cisco Umbrella web portal
• D. by sending logs via syslog to an on-premises or cloud-based syslog server

正解：A

質問 # 341
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.

正解：

解説：

質問 # 342
What are the two types of managed Intercloud Fabric deployment models? (Choose two.)

• A. Enterprise managed
• B. User managed
• C. Hybrid managed
• D. Public managed
• E. Service Provider managed

正解：C、E

解説：

質問 # 343
Drag and drop the Cisco CWS redirection options from the left onto the capabilities on the right.

正解：

解説：

質問 # 344
What are two functions of IKEv1 but not IKEv2? (Choose two)

• A. IKEv1 uses EAP authentication
• B. NAT-T is supported in IKEv1 but rot in IKEv2.
• C. IKEv1 conversations are initiated by the IKE_SA_INIT message
• D. With IKEv1, when using aggressive mode, the initiator and responder identities are passed cleartext
• E. With IKEv1, mode negotiates faster than main mode

正解：C、E

質問 # 345
Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?

• A. quality of service
• B. time synchronization
• C. intrusion policy
• D. network address translations

正解：D

質問 # 346
Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?

• A. DTLSv1
• B. TLSv1.2
• C. TLSv1.1
• D. BJTLSv1

正解：A

解説：
DTLS is used for delay sensitive applications (voice and video) as its UDP based while TLS is TCP based.
Therefore DTLS offers strongest throughput performance. The throughput of DTLS at the time of AnyConnect connection can be expected to have processing performance close to VPN throughput.

質問 # 347
Drag and drop the capabilities from the left onto the correct technologies on the right.

正解：

解説：

質問 # 348
An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransom ware infection? (Choose two)

• A. Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.
• B. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
• C. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
• D. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.
• E. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.

正解：B、E

解説：
Explanation
A posture policy is a collection of posture requirements, which are associated with one or more identity groups, and operating systems. We can configure ISE to check for the Windows patch at Work Centers > Posture > Posture Elements > Conditions > File.
In this example, we are going to use the predefined file check to ensure that our Windows 10 clients have the critical security patch installed to prevent the Wanna Cry malware.

質問 # 349
How does Cisco Advanced Phishing Protection protect users?

• A. It utilizes sensors that send messages securely.
• B. It validates the sender by using DKIM.
• C. It uses machine learning and real-time behavior analytics.
• D. It determines which identities are perceived by the sender

正解：C

解説：

https://www.cisco.com/c/dam/en/us/products/collateral/security/cloud-email-security/at-a-glance-c45-740894.pdf

質問 # 350
What is the purpose of CA in a PKI?

• A. to certify the ownership of a public key by the named subject
• B. to issue and revoke digital certificates.
• C. to create the private key for a digital certificate.
• D. to validate the authenticity of a digital certificate

正解：B

質問 # 351
How does Cisco Stealthwatch Cloud provide security for cloud environments?

• A. It prevents exfiltration of sensitive data.
• B. It facilitates secure connectivity between public and private networks.
• C. It assigns Internet-based DNS protection for clients and servers.
• D. It delivers visibility and threat detection.

正解：D

解説：
Explanation/Reference: https://www.content.shi.com/SHIcom/ContentAttachmentImages/SharedResources/FBLP/Cisco/ Cisco-091919-Simple-IT-Whitepaper.pdf

質問 # 352
What are the two most commonly used authentication factors in multifactor authentication? (Choose two)

• A. encryption factor
• B. confidentiality factor
• C. knowledge factor
• D. biometric factor
• E. time factor

正解：C、D

解説：
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. MFA requires means of verification that unauthorized users won't have. Proper multi-factor authentication uses factors from at least two different categories. MFA methods: + Knowledge - usually a password - is the most commonly used tool in MFA solutions. However, despite their simplicity, passwords have become a security problem and slow down productivity. + Physical factors - also called possession factors-use tokens, such as a USB dongle or a portable device, that generate a temporary QR (quick response) code. Mobile phones are commonly used, as they have the advantage of being readily available in most situations. + Inherent - This category includes biometrics like fingerprint, face, and retina scans. As technology advances, it may also include voice ID or other behavioral inputs like keystroke metrics. Because inherent factors are reliably unique, always present, and secure, this category shows promise. + Location-based and time-based - Authentication systems can use GPS coordinates, network parameters, and metadata for the network in use, and device recognition for MFA. Adaptive authentication combines these data points with historical or contextual user data. A time factor in conjunction with a location factor could detect an attacker attempting to authenticate in Europe when the user was last authenticated in California an hour prior, for example. + Time-based one-time password (TOTP) - This is generally used in 2FA but could apply to any MFA method where a second step is introduced dynamically at login upon completing a first step. The wait for a second step-in which temporary passcodes are sent by SMS or email-is usually brief, and the process is easy to use for a wide range of users and devices. This method is currently widely used. + Social media - In this case a user grants permission for a website to use their social media username and password for login. This provide an easy login process, and one generally available to all users. + Risk-based authentication - Sometimes called adaptive multi-factor authentication, this method combines adaptive authentication and algorithms that calculate risk and observe the context of specific login requests. The goal of this method is to reduce redundant logins and provide a more user-friendly workflow. + Push-based 2FA - Push-based 2FA improves on SMS and TOTP 2FA by adding additional layers of security while improving ease of use. It confirms a user's identity with multiple factors of authentication that other methods cannot. Because push-based 2FA sends notifications through data networks like cellular or Wi-Fi, users must have data access on their mobile devices to use the 2FA functionality. Reference: https://www.cisco.com/c/en/us/products/security/what-is-multi-factor-authentication.html The two most popular authentication factors are knowledge and inherent (including biometrics like fingerprint, face, and retina scans. Biometrics is used commonly in mobile devices).
verification factors to gain access to a resource. MFA requires means of verification that unauthorized users won't have.
Proper multi-factor authentication uses factors from at least two different categories.
MFA methods:
+ Knowledge - usually a password - is the most commonly used tool in MFA solutions. However, despite their simplicity, passwords have become a security problem and slow down productivity.
+ Physical factors - also called possession factors-use tokens, such as a USB dongle or a portable device, that generate a temporary QR (quick response) code. Mobile phones are commonly used, as they have the advantage of being readily available in most situations.
+ Inherent - This category includes biometrics like fingerprint, face, and retina scans. As technology advances, it may also include voice ID or other behavioral inputs like keystroke metrics. Because inherent factors are reliably unique, always present, and secure, this category shows promise.
+ Location-based and time-based - Authentication systems can use GPS coordinates, network parameters, and metadata for the network in use, and device recognition for MFA. Adaptive authentication combines these data points with historical or contextual user data.
A time factor in conjunction with a location factor could detect an attacker attempting to authenticate in Europe when the user was last authenticated in California an hour prior, for example.
+ Time-based one-time password (TOTP) - This is generally used in 2FA but could apply to any MFA method where a second step is introduced dynamically at login upon completing a first step. The wait for a second step-in which temporary passcodes are sent by SMS or email-is usually brief, and the process is easy to use for a wide range of users and devices. This method is currently widely used.
+ Social media - In this case a user grants permission for a website to use their social media username and password for login. This provide an easy login process, and one generally available to all users.
+ Risk-based authentication - Sometimes called adaptive multi-factor authentication, this method combines adaptive authentication and algorithms that calculate risk and observe the context of specific login requests.
The goal of this method is to reduce redundant logins and provide a more user-friendly workflow.
+ Push-based 2FA - Push-based 2FA improves on SMS and TOTP 2FA by adding additional layers of security while improving ease of use. It confirms a user's identity with multiple factors of authentication that other methods cannot. Because push-based 2FA sends notifications through data networks like cellular or Wi-Fi, users must have data access on their mobile devices to use the 2FA functionality.
Reference:
The two most popular authentication factors are knowledge and inherent (including biometrics like fingerprint, Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. MFA requires means of verification that unauthorized users won't have. Proper multi-factor authentication uses factors from at least two different categories. MFA methods: + Knowledge - usually a password - is the most commonly used tool in MFA solutions. However, despite their simplicity, passwords have become a security problem and slow down productivity. + Physical factors - also called possession factors-use tokens, such as a USB dongle or a portable device, that generate a temporary QR (quick response) code. Mobile phones are commonly used, as they have the advantage of being readily available in most situations. + Inherent - This category includes biometrics like fingerprint, face, and retina scans. As technology advances, it may also include voice ID or other behavioral inputs like keystroke metrics. Because inherent factors are reliably unique, always present, and secure, this category shows promise. + Location-based and time-based - Authentication systems can use GPS coordinates, network parameters, and metadata for the network in use, and device recognition for MFA. Adaptive authentication combines these data points with historical or contextual user data. A time factor in conjunction with a location factor could detect an attacker attempting to authenticate in Europe when the user was last authenticated in California an hour prior, for example. + Time-based one-time password (TOTP) - This is generally used in 2FA but could apply to any MFA method where a second step is introduced dynamically at login upon completing a first step. The wait for a second step-in which temporary passcodes are sent by SMS or email-is usually brief, and the process is easy to use for a wide range of users and devices. This method is currently widely used. + Social media - In this case a user grants permission for a website to use their social media username and password for login. This provide an easy login process, and one generally available to all users. + Risk-based authentication - Sometimes called adaptive multi-factor authentication, this method combines adaptive authentication and algorithms that calculate risk and observe the context of specific login requests. The goal of this method is to reduce redundant logins and provide a more user-friendly workflow. + Push-based 2FA - Push-based 2FA improves on SMS and TOTP 2FA by adding additional layers of security while improving ease of use. It confirms a user's identity with multiple factors of authentication that other methods cannot. Because push-based 2FA sends notifications through data networks like cellular or Wi-Fi, users must have data access on their mobile devices to use the 2FA functionality. Reference: https://www.cisco.com/c/en/us/products/security/what-is-multi-factor-authentication.html The two most popular authentication factors are knowledge and inherent (including biometrics like fingerprint, face, and retina scans. Biometrics is used commonly in mobile devices).

質問 # 353
An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?

• A. TCP 6514
• B. UDP 1812
• C. UDP 1700
• D. TCP 49

正解：C

解説：
Explanation

質問 # 354
Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two.)

• A. RADIUS
• B. NTLMSSP
• C. Kerberos
• D. TACACS+
• E. CHAP

正解：B、C

質問 # 355
A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?

• A. The file is queued for upload when connectivity is restored.
• B. The ESA immediately makes another attempt to upload the file.
• C. AMP calculates the SHA-256 fingerprint, caches it, and periodically attempts the upload.
• D. The file upload is abandoned.

正解：C

解説：
Reference:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118796-technote-esa-00.html

質問 # 356
Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.

正解：

解説：

質問 # 357
Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from the left onto the correct definitions on the right.

正解：

解説：

Explanation

Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/detecti

質問 # 358
Refer to the exhibit.

Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?

• A. The access control policy is not allowing VPN traffic in.
• B. No split-tunnel policy is defined on the Firepower Threat Defense appliance.
• C. Site-to-site VPN peers are using different encryption algorithms.
• D. Site-to-site VPN preshared keys are mismatched.

正解：A

解説：
Explanation Explanation If sysopt permit-vpn is not enabled then an access control policy must be created to allow the VPN traffic through the FTD device. If sysopt permit-vpn is enabled skip creating an access control policy. Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/215470- site-to-site-vpn-configuration-on-ftd-ma.html

質問 # 359
......

Cisco 350-701認定試験は、セキュリティ技術に関連する広範なトピックをカバーする厳しいテストです。この試験は、約90〜110の多肢選択問題で構成され、120分間続きます。試験に合格した受験者は、グローバルに認知され、ネットワークセキュリティにおける熟練度を証明するCisco Certified Specialist - Security Core認定を受けることができます。

 

350-701完全版問題集には無料PDF問題で合格させる：https://www.jpntest.com/shiken/350-701-mondaishu