350-701 Online Practice Questions and Answers

Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?

A. TLSv1.2

B. TLSv1.1

C. BJTLSv1

D. DTLSv1

Why is it important for the organization to have an endpoint patching strategy?

A. so the organization can identify endpoint vulnerabilities

B. so the internal PSIRT organization is aware of the latest bugs

C. so the network administrator is notified when an existing bug is encountered

D. so the latest security fixes are installed on the endpoints

Which algorithm is an NGE hash function?

A. HMAC

B. SHA-1

C. MD5

D. SISHA-2

Which ESA implementation method segregates inbound and outbound email?

A. one listener on a single physical Interface

B. pair of logical listeners on a single physical interface with two unique logical IPv4 addresses and one IPv6 address

C. pair of logical IPv4 listeners and a pair Of IPv6 listeners on two physically separate interfaces

D. one listener on one logical IPv4 address on a single logical interface

Which Cisco network security device supports contextual awareness?

A. ISE

B. Cisco IOS

C. Cisco ASA

D. Firepower

In which two customer environments is the Cisco WSAv connector traffic direction method selected? (Choose two.)

A. Customer owns ASA Appliance and Virtual Form Factor is required.

B. Customer does not own Cisco hardware and needs Explicit Proxy.

C. Customer owns ASA Appliance and SSL Tunneling is required.

D. Customer needs to support roaming users.

E. Customer does not own Cisco hardware and needs Transparent Redirection (WCCP).

Which role is a default guest type in Cisco ISE?

A. Monthly

B. Yearly

C. Contractor

D. Full-Time

What is the role of an endpoint in protecting a user from a phishing attack?

A. Use Cisco Stealthwatch and Cisco ISE Integration.

B. Utilize 802.1X network security to ensure unauthorized access to resources.

C. Use machine learning models to help identify anomalies and determine expected sending behavior.

D. Ensure that antivirus and anti malware software is up to date

An administrator is configuring N I P on Cisco ASA via ASDM and needs to ensure that rogue NTP servers cannot insert themselves as the authoritative time source Which two steps must be taken to accomplish this task? (Choose two)

A. Specify the NTP version

B. Configure the NTP stratum

C. Set the authentication key

D. Choose the interface for syncing to the NTP server

E. Set the NTP DNS hostname

Why is it important to patch endpoints consistently?

A. Patching reduces the attack surface of the infrastructure.

B. Patching helps to mitigate vulnerabilities.

C. Patching is required per the vendor contract.

D. Patching allows for creating a honeypot.