최신 350-701 무료덤프 - Cisco Implementing and Operating Cisco Security Core Technologies

문제1

An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one?

A. Place the policy with the most-specific configuration last in the policy order

B. Configure only the policy with the most recently changed timestamp

C. Make the correct policy first in the policy order

D. Configure the default policy to redirect the requests to the correct policy

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

An organization is using DNS services for their network and want to help improve the security of the DNS infrastructure. Which action accomplishes this task?

A. Configure Cisco Umbrella and use DNSSEC for domain authentication to authoritative servers.

B. Modify the Cisco Umbrella configuration to pass queries only to non-DNSSEC capable zones.

C. Integrate Cisco Umbrella with Cisco CloudLock to ensure that DNSSEC is functional.

D. Use DNSSEC between the endpoints and Cisco Umbrella DNS servers.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

What is the intent of a basic SYN flood attack?

A. to flush the register stack to re-initiate the buffers

B. to cause the buffer to overflow

C. to exceed the threshold limit of the connection queue

D. to solicit DNS responses

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which benefit does DMVPN provide over GETVPN?

A. DMVPN is a tunnel-less VPN, and GETVPN is tunnel-based.

B. DMVPN can be used over the public Internet, and GETVPN requires a private network.

C. DMVPN supports QoS, multicast, and routing, and GETVPN supports only QoS.

D. DMVPN supports non-IP protocols, and GETVPN supports only IP protocols.

정답: B

문제5

Which baseline form of telemetry is recommended for network infrastructure devices?

A. SNMP

B. passive taps

C. SDNS

D. NetFlow

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제6

For a given policy in Cisco Umbrella, how should a customer block website based on a custom list?

A. by specifying the websites in a custom blocked category

B. by adding the websites to a blocked type destination list

C. by adding the website IP addresses to the Cisco Umbrella blocklist

D. by specifying blocked domains in me policy settings

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제7

How does Cisco AMP for Endpoints provide next-generation protection?

A. It encrypts data on user endpoints to protect against ransomware.

B. It integrates with Cisco FTD devices.

C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers.

D. It leverages an endpoint protection platform and endpoint detection and response.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Refer to the exhibit. All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server-2 must communicate with each other, and all servers must communicate with default gateway multilayer switch.
Which type of private VLAN ports should be configured to prevent communication between DNS servers and the file server?

A. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as community port, and GigabitEthernet0/3 and GrgabitEthernet0/4 as isolated ports.

B. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as promiscuous port, Gigabit Ethernet0/3 and GigabitEthernet0/4 as isolated ports C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as isolated port and GigabitEthernet0/3 and GrgabitEthernet0/4 as community ports

C. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as isolated port, and GigabitEthernet0/3 and GigabitEthernet0/4 as promiscuous ports.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What does endpoint isolation in Cisco AMP for Endpoints security protect from?

A. a malware spreading across the user device

B. an infection spreading across the LDAP or Active Directory domain from a user account

C. a malware spreading across the LDAP or Active Directory domain from a user account

D. an infection spreading across the network E

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Refer to the exhibit.

What does the number 15 represent in this configuration?

A. interval in seconds between SNMPv3 authentication attempts

B. access list that identifies the SNMP devices that can access the router

C. privilege level for an authorized user to this router

D. number of possible failed attempts until the SNMPv3 user is locked out

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제11

In which two ways does the Cisco Advanced Phishing Protection solution protect users? (Choose two.)

A. It prevents use of compromised accounts and social engineering.

B. It prevents trojan horse malware using sensors.

C. It secures all passwords that are shared in video conferences.

D. It automatically removes malicious emails from users' inbox.

E. It prevents all zero-day attacks coming from the Internet.

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

문제12

Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two.)

A. RADIUS

B. TACACS+

C. CHAP

D. Kerberos

E. NTLMSSP

정답: D,E

설명: (DumpTOP 회원만 볼 수 있음)

문제13

A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.
How does the switch behave in this situation?

A. It drops the packet without validation.

B. It forwards the packet after validation by using the MAC Binding Table.

C. It drops the packet after validation by using the IP & MAC Binding Table.

D. It forwards the packet without validation.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제14

What is a benefit of using Cisco FMC over Cisco ASDM?

A. Cisco FMC uses Java while Cisco ASDM uses HTML5.

B. Cisco FMC supports pushing configurations to devices while Cisco ASDM does not.

C. Cisco FMC provides centralized management while Cisco ASDM does not.

D. Cisco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA devices

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제15

On which part of the IT environment does DevSecOps focus?

A. data center

B. application development

C. perimeter network

D. wireless network

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제16

What is a difference between FlexVPN and DMVPN?

A. FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2

B. DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1

C. DMVPN uses only IKEv1 FlexVPN uses only IKEv2

D. FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

최신 350-701 무료덤프 - Cisco Implementing and Operating Cisco Security Core Technologies

우리와 연락하기

유용한 링크

최신 업데이트