350-701無料問題集「Cisco Implementing and Operating Cisco Security Core Technologies」

質問 1

Which type of data exfiltration technique encodes data in outbound DNS requests to specific servers and can be stopped by Cisco Umbrella?

（A）DNS hijacking

（B）DNS flood attack

（C）cache poisoning

（D）DNS tunneling

正解：D 解答を投票する

質問 2

An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically.
What must be configured to accomplish this?

（A）Configure the Cisco WSA to receive real-time updates from Talos

（B）Configure the Cisco WSA to modify policies based on the traffic seen

（C）Configure the Cisco ESA to receive real-time updates from Talos

（D）Configure the Cisco ESA to modify policies based on the traffic seen

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)

（A）Choose the interface for syncing to the NTP server

（B）Specify the NTP version

（C）Configure the NTP stratum

（D）Set the NTP DNS hostname

（E）Set the authentication key

正解：A、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?

（A）Client computers do not have an SSL certificate deployed from an internal CA server.

（B）IP-Layer Enforcement is not configured.

（C）Client computers do not have the Cisco Umbrella Root CA certificate installed.

（D）Intelligent proxy and SSL decryption is disabled in the policy

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which open source tool does Cisco use to create graphical visualizations of network telemetry on Cisco IOS XE devices?

（A）Splunk

（B）InfluxDB

（C）SNMP

（D）Grafana

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

A security engineer must add destinations into a destination list in Cisco Umbrella. What describes the application of these changes?

（A）The changes are applied only after the configuration is saved in Cisco Umbrella.

（B）The changes are applied immediately it the destination list is part or a policy.

（C）The user role of Block Page Bypass or higher is needed to perform these changes.

（D）The destination list must be removed from the policy before changes are made to It.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which role is a default guest type in Cisco ISE?

（A）Yearly

（B）Monthly

（C）Full-Time

（D）Contractor

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which two capabilities does TAXII support? (Choose two)

正解：D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

In which scenario is endpoint-based security the solution?

（A）inspecting encrypted traffic

（B）performing signature-based application control

（C）inspecting a password-protected archive

（D）device profiling and authorization

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which solution is more secure than the traditional use of a username and password and encompasses at least two of the methods of authentication?

（A）Kerberos security solution

（B）multifactor authentication

（C）single-sign on

（D）RADIUS/LDAP authentication

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

An organization wants to provide visibility and to identify active threats in its network using a VM. The organization wants to extract metadata from network packet flow while ensuring that payloads are not retained or transferred outside the network. Which solution meets these requirements?

（A）Cisco Umbrella On-Premises

（B）Cisco Stealthwatch Cloud PNM

（C）Cisco Umbrella Cloud

（D）Cisco Stealthwatch Cloud PCM

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

Which two activities can be done using Cisco DNA Center? (Choose two)