Home Exams
Log In Sign Up
Exams > Cisco > 350-701: Implementing and Operating Cisco Security Core Technologies
350-701: Implementing and Operating Cisco Security Core Technologies
Page 16 out of 52 pages Questions 151-160 out of 515 questions
Question#151

A customer has various external HTTP resources available including Intranet, Extranet, and Internet, with a proxy configuration running in explicit mode. Which method allows the client desktop browsers to be configured to select when to connect direct or when to use proxy?

  • A. Bridge mode
  • B. Transparent mode
  • C. .PAC file
  • D. Forward file
Discover Answer Hide Answer

C

Question#152

What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?

  • A. Content scanning for SAAS cloud applications is available through Cisco CWS and not available through Cisco WSA.
  • B. URL categories are updated more frequently on Cisco CWS than they are on Cisco WSA.
  • C. Cisco CWS minimizes the load on the internal network and security infrastructure as compared to Cisco WSA.
  • D. Cisco CWS eliminates the need to backhaul traffic through headquarters for remote workers whereas Cisco WSA does not.
Discover Answer Hide Answer

D
Reference:
https://www.cisco.com/c/en/us/products/collateral/security/web-security-appliance/guide-c07-742373.html

Question#153

An engineer needs to add protection for data in transit and have headers in the email message. Which configuration is needed to accomplish this goal?

  • A. Deploy an encryption appliance.
  • B. Provision the email appliance.
  • C. Map sender IP addresses to a host interface.
  • D. Enable flagged message handling.
Discover Answer Hide Answer

B

Question#154

Which Cisco platform processes behavior baselines, monitors for deviations, and reviews for malicious processes in data center traffic and servers while performing software vulnerability detection?

  • A. Cisco Tetration
  • B. Cisco ISE
  • C. Cisco AnyConnect
  • D. Cisco AMP for Network
Discover Answer Hide Answer

A
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/white_papers/Cisco-IT-Tetration-Deployment-Part-2-of-2.html

Question#155

A network engineer must configure a Cisco ESA to prompt users to enter two forms of information before gaining access. The Cisco ESA must also join a cluster machine using preshared keys. What must be configured to meet these requirements?

  • A. Enable two-factor authentication through a RADIUS server and then join the cluster by using the Cisco ESA GUI.
  • B. Enable two-factor authentication through a TACACS+ server and then join the cluster by using the Cisco ESA CLI.
  • C. Enable two-factor authentication through a TACACS+ server and then join the cluster by using the Cisco ESA GUI.
  • D. Enable two-factor authentication through a RADIUS server and then join the cluster by using the Cisco ESA CLI.
Discover Answer Hide Answer

A

Question#156


Refer to the exhibit. How does Cisco Umbrella manage traffic that is directed toward risky domains?

  • A. Traffic is managed by the application settings, unhandled and allowed.
  • B. Traffic is managed by the security settings and blocked.
  • C. Traffic is proxied through the intelligent proxy.
  • D. Traffic is allowed but logged.
Discover Answer Hide Answer

B

Question#157

An organization wants to improve its cybersecurity processes and to add intelligence to its data. The organization wants to utilize the most current intelligence data for URL filtering, reputations, and vulnerability information that can be integrated with the Cisco FTD and Cisco WSA. What must be done to accomplish these objectives?

  • A. Configure the integrations with Talos intelligence to take advantage of the threat intelligence that it provides.
  • B. Download the threat intelligence feed from the IETF and import it into the Cisco FTD and Cisco WSA databases.
  • C. Create an automated download of the Internet Storm Center intelligence feed into the Cisco FTD and Cisco WSA databases to tie to the dynamic access control policies.
  • D. Create a Cisco pxGrid connection to NIST to import this information into the security products for policy use.
Discover Answer Hide Answer

A

Question#158

An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error.
Why is the error occurring?

  • A. Client computers do not have an SSL certificate deployed from an internal CA server.
  • B. Client computers do not have the Cisco Umbrella Root CA certificate installed.
  • C. IP-Layer Enforcement is not configured.
  • D. Intelligent proxy and SSL decryption is disabled in the policy.
Discover Answer Hide Answer

A

Question#159

Which feature within Cisco Umbrella allows for the ability to inspect secure HTTP traffic?

  • A. File Analysis
  • B. SafeSearch
  • C. SSL Decryption
  • D. Destination Lists
Discover Answer Hide Answer

C

Question#160

When web policies are configured in Cisco Umbrella, what provides the ability to ensure that domains are blocked when they host malware, command and control, phishing, and more threats?

  • A. Application Control
  • B. Security Category Blocking
  • C. Content Category Blocking
  • D. File Analysis
Discover Answer Hide Answer

B
Reference:
https://support.umbrella.com/hc/en-us/articles/115004563666-Understanding-Security-Categories

chevron rightPrevious Nextchevron right
Email: support@exam-data.com
Copyright © 2024 Exam Data. All rights reserved.
Home Exams
chevron
Public Agreement Privacy Policy Sales and Refunds