Exams > Cisco > 350-701: Implementing and Operating Cisco Security Core Technologies
350-701: Implementing and Operating Cisco Security Core Technologies
Page 26 out of 52 pages Questions 251-260 out of 515 questions
Question#251

An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goal?

  • A. Restrict access to only websites with trusted third-party signed certificates.
  • B. Modify the user's browser settings to suppress errors from Cisco Umbrella.
  • C. Upload the organization root CA to Cisco Umbrella.
  • D. Install the Cisco Umbrella root CA onto the user's device.
Discover Answer Hide Answer

D

Question#252

What is the purpose of joining Cisco WSAs to an appliance group?

  • A. All WSAs in the group can view file analysis results.
  • B. The group supports improved redundancy
  • C. It supports cluster operations to expedite the malware analysis process.
  • D. It simplifies the task of patching multiple appliances.
Discover Answer Hide Answer

B

Question#253

Why should organizations migrate to an MFA strategy for authentication?

  • A. Single methods of authentication can be compromised more easily than MFA.
  • B. Biometrics authentication leads to the need for MFA due to its ability to be hacked easily.
  • C. MFA methods of authentication are never compromised.
  • D. MFA does not require any piece of evidence for an authentication mechanism.
Discover Answer Hide Answer

A

Question#254

Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization?

  • A. RADIUS-based REAP
  • B. fingerprinting
  • C. Dynamic ARP Inspection
  • D. multifactor authentication
Discover Answer Hide Answer

D

Question#255

Which type of attack is MFA an effective deterrent for?

  • A. ping of death
  • B. phishing
  • C. teardrop
  • D. syn flood
Discover Answer Hide Answer

B

Question#256

Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats?

  • A. Cisco AMP for Endpoints
  • B. Cisco AnyConnect
  • C. Cisco Umbrella
  • D. Cisco Duo
Discover Answer Hide Answer

A

Question#257

Which two actions does the Cisco Identity Services Engine posture module provide that ensures endpoint security? (Choose two.)

  • A. Assignments to endpoint groups are made dynamically, based on endpoint attributes.
  • B. Endpoint supplicant configuration is deployed.
  • C. A centralized management solution is deployed.
  • D. Patch management remediation is performed.
  • E. The latest antivirus updates are applied before access is allowed.
Discover Answer Hide Answer

AD

Question#258

What is an advantage of the Cisco Umbrella roaming client?

  • A. the ability to see all traffic without requiring TLS decryption
  • B. visibility into IP-based threats by tunneling suspicious IP connections
  • C. the ability to dynamically categorize traffic to previously uncategorized sites
  • D. visibility into traffic that is destined to sites within the office environment
Discover Answer Hide Answer

C

Question#259

Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption?

  • A. Cisco Advanced Malware Protection
  • B. Cisco Stealthwatch
  • C. Cisco Identity Services Engine
  • D. Cisco AnyConnect
Discover Answer Hide Answer

B

Question#260

Which two Cisco ISE components must be configured for BYOD? (Choose two.)

  • A. local WebAuth
  • B. central WebAuth
  • C. null WebAuth
  • D. guest
  • E. dual
Discover Answer Hide Answer

AD

chevron rightPrevious Nextchevron right