$0.00
Cisco 350-701 Dumps

Cisco 350-701 Exam Dumps

Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)

Total Questions : 630
Update Date : October 01, 2024
PDF + Test Engine
$65 $95
Test Engine
$55 $85
PDF Only
$45 $75



Last Week 350-701 Exam Results

253

Customers Passed Cisco 350-701 Exam

98%

Average Score In Real 350-701 Exam

97%

Questions came from our 350-701 dumps.



Choosing the Right Path for Your 350-701 Exam Preparation

Welcome to PassExamHub's comprehensive study guide for the Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) exam. Our 350-701 dumps is designed to equip you with the knowledge and resources you need to confidently prepare for and succeed in the 350-701 certification exam.

What Our Cisco 350-701 Study Material Offers

PassExamHub's 350-701 dumps PDF is carefully crafted to provide you with a comprehensive and effective learning experience. Our study material includes:

In-depth Content: Our study guide covers all the key concepts, topics, and skills you need to master for the 350-701 exam. Each topic is explained in a clear and concise manner, making it easy to understand even the most complex concepts.
Online Test Engine: Test your knowledge and build your confidence with a wide range of practice questions that simulate the actual exam format. Our test engine cover every exam objective and provide detailed explanations for both correct and incorrect answers.
Exam Strategies: Get valuable insights into exam-taking strategies, time management, and how to approach different types of questions.
Real-world Scenarios: Gain practical insights into applying your knowledge in real-world scenarios, ensuring you're well-prepared to tackle challenges in your professional career.

Why Choose PassExamHub?

Expertise: Our 350-701 exam questions answers are developed by experienced Cisco certified professionals who have a deep understanding of the exam objectives and industry best practices.
Comprehensive Coverage: We leave no stone unturned in covering every topic and skill that could appear on the 350-701 exam, ensuring you're fully prepared.
Engaging Learning: Our content is presented in a user-friendly and engaging format, making your study sessions enjoyable and effective.
Proven Success: Countless students have used our study materials to achieve their 350-701 certifications and advance their careers.
Start Your Journey Today!

Embark on your journey to Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) success with PassExamHub. Our study material is your trusted companion in preparing for the 350-701 exam and unlocking exciting career opportunities.

Cisco 350-701 Sample Question Answers

Question # 1

What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support? 

A. mobile device management 
B. mobile content management 
C. mobile application management 
D. mobile access management



Question # 2

Which two commands are required when configuring a flow-export action on a Cisco ASA? (Choose two.)

A. flow-export event-type 
B. policy-map 
C. access-list 
D. flow-export template timeout-rate 15 
E. access-group 



Question # 3

Which characteristic is unique to a Cisco WSAv as compared to a physical appliance?

A. supports VMware vMotion on VMware ESXi B. requires an additional license C. performs transparent redirection D. supports SSL decryption
A. supports VMware vMotion on VMware ESXi 
B. requires an additional license 
C. performs transparent redirection 
D. supports SSL decryption



Question # 4

What is the most commonly used protocol for network telemetry?

A. SMTP 
B. SNMP 
C. TFTP 
D. NctFlow 



Question # 5

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

A. Disable the proxy setting on the browser
 B. Disable the HTTPS server and use HTTP instead 
C. Use the Cisco FTD IP address as the proxy server setting on the browser 
D. Enable the HTTPS server for the device platform policy 



Question # 6

What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client? 

A. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for Endpoints tracks only URL-based threats. 
B. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity 
C. AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity. 
D. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats. 



Question # 7

An engineer is configuring Dropbox integration with Cisco Cloudlock. Which action must be taken before granting API access in the Dropbox admin console? 

A. Authorize Dropbox within the Platform settings in the Cisco Cloudlock portal. 
B. Add Dropbox to the Cisco Cloudlock Authentication and API section in the Cisco Cloudlock portal.
 C. Send an API request to Cisco Cloudlock from Dropbox admin portal. 
D. Add Cisco Cloudlock to the Dropbox admin portal. 



Question # 8

Which API method and required attribute are used to add a device into Cisco DNA Center with the native API? 

A. GET and serialNumber
 B. userSudiSerlalNos and deviceInfo 
C. POST and name 
D. lastSyncTime and pid 



Question # 9

What does endpoint isolation in Cisco AMP for Endpoints security protect from?

A. an infection spreading across the network E 
B. a malware spreading across the user device 
C. an infection spreading across the LDAP or Active Directory domain from a user account 
D. a malware spreading across the LDAP or Active Directory domain from a user account



Question # 10

What are two benefits of using an MDM solution? (Choose two.)

A. grants administrators a way to remotely wipe a lost or stolen device 
B. provides simple and streamlined login experience for multiple applications and users 
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments 
D. encrypts data that is stored on endpoints 
E. allows for centralized management of endpoint device applications and configurations 



Question # 11

An engineer is configuring cloud logging using a company-managed Amazon S3 bucket for Cisco Umbrella logs. What benefit does this configuration provide for accessing log data? 

A. It is included m the license cost for the multi-org console of Cisco Umbrella 
B. It can grant third-party SIEM integrations write access to the S3 bucket
 C. No other applications except Cisco Umbrella can write to the S3 bucket 
D. Data can be stored offline for 30 days. 



Question # 12

Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter?

A. Defang 
B. Quarantine
 C. FilterAction 
D. ScreenAction 



Question # 13

Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack? 

A. Link Aggregation 
B. Reverse ARP 
C. private VLANs 
D. Dynamic ARP Inspection



Question # 14

Which two protocols must be configured to authenticate end users to the Web Security Appliance? (Choose two.)

A. NTLMSSP
 B. Kerberos 
C. CHAP 
D. TACACS+ 
E. RADIUS 



Question # 15

Which action must be taken in the AMP for Endpoints console to detect specific MD5 signatures on endpoints and then quarantine the files?

A. Configure an advanced custom detection list. 
B. Configure an IP Block & Allow custom detection list 
C. Configure an application custom detection list 
D. Configure a simple custom detection list 



Question # 16

How does Cisco Workload Optimization portion of the network do EPP solutions solely performance issues?

A. It deploys an AWS Lambda system 
B. It automates resource resizing
 C. It optimizes a flow path 
D. It sets up a workload forensic score



Question # 17

Which Cisco Firewall solution requires zone definition? 

A. CBAC
 B. Cisco AMP 
C. ZBFW 
D. Cisco ASA 



Question # 18

Which Cisco DNA Center RESTful PNP API adds and claims a device into a workflow?

A. api/v1/fie/config 
B. api/v1/onboarding/pnp-device/import 
C. api/v1/onboarding/pnp-device 
D. api/v1/onboarding/workflow 



Question # 19

Which capability is provided by application visibility and control?

A. reputation filtering
B. data obfuscation 
C. data encryption 
D. deep packet inspection 



Question # 20

When network telemetry is implemented, what is important to be enabled across all network infrastructure devices to correlate different sources?

A. CDP 
B. NTP 
C. syslog 
D. DNS 



Question # 21

What is a benefit of using Cisco Umbrella?

A. DNS queries are resolved faster. 
B. Attacks can be mitigated before the application connection occurs. 
C. Files are scanned for viruses before they are allowed to run.
 D. It prevents malicious inbound traffic. 



Question # 22

Which two criteria must a certificate meet before the WSA uses it to decrypt application traffic? (Choose two.)

A. It must include the current date. 
B. It must reside in the trusted store of the WSA. 
C. It must reside in the trusted store of the endpoint. 
D. It must have been signed by an internal CA. 
E. it must contain a SAN. 



Question # 23

A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.) 

A. Segment different departments to different IP blocks and enable Dynamic ARp inspection on all VLANs 
B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.
 C. Ensure that a user cannot enter the network of another department. 
D. Perform a posture check to allow only network access to (hose Windows devices that are already patched. 
E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW. ni 



Question # 24

Email security has become a high priority task for a security engineer at a large multinational organization due to ongoing phishing campaigns. To help control this, the engineer has deployed an Incoming Content Filter with a URL reputation of (-10 00 to -6 00) on the Cisco ESA Which action will the system perform to disable any links in messages that match the filter? 

A. Defang 
B. Quarantine
 C. FilterAction 
D. ScreenAction 



Question # 25

What are two workloaded security models? (Choose two)

A. SaaS 
B. IaaS 
C. on-premises 
D. off-premises 
E. PaaS 



Question # 26

Which two configurations must be made on Cisco ISE and on Cisco TrustSec devices to force a session to be adjusted after a policy change is made? (Choose two)

A. posture assessment 
B. aaa authorization exec default local 
C. tacacs-server host 10.1.1.250 key password 
D. aaa server radius dynamic-author 
E. CoA



Question # 27

Which open standard creates a framework for sharing threat intelligence in a machinedigestible format? 

A. OpenC2 
B. OpenlOC 
C. CybOX 
D. STIX 



Question # 28

What is a characteristic of an EDR solution and not of an EPP solution?

A. stops all ransomware attacks 
B. retrospective analysis 
C. decrypts SSL traffic for better visibility 
D. performs signature-based detection 



Question # 29

What is the purpose of the Cisco Endpoint loC feature?

A. It provides stealth threat prevention.
 B. lt is a signature-based engine. 
C. lt is an incident response tool 
D. It provides precompromise detection.



Question # 30

An organization is implementing AAA for their users. They need to ensure that authorization is verified for every command that is being entered by the network administrator. Which protocol must be configured in order to provide this capability?

A. EAPOL 
B. SSH 
C. RADIUS 
D. TACACS+ 



Question # 31

Which feature is used in a push model to allow for session identification, host reauthentication, and session termination?

A. AAA attributes 
B. CoA request 
C. AV pair 
D. carrier-grade NAT



Question # 32

How does Cisco AMP for Endpoints provide next-generation protection? 

A. It encrypts data on user endpoints to protect against ransomware. 
B. It leverages an endpoint protection platform and endpoint detection and response. 
C. It utilizes Cisco pxGrid, which allows Cisco AMP to pull threat feeds from threat intelligence centers. 
D. It integrates with Cisco FTD devices. 



Question # 33

Which two capabilities does an MDM provide? (Choose two.)

A. delivery of network malware reports to an inbox in a schedule 
B. unified management of mobile devices, Macs, and PCs from a centralized dashboard 
C. enforcement of device security policies from a centralized dashboard 
D. manual identification and classification of client devices 
E. unified management of Android and Apple devices from a centralized dashboard 



Question # 34

What are two benefits of using Cisco Duo as an MFA solution? (Choose two.) 

A. grants administrators a way to remotely wipe a lost or stolen device 
B. provides simple and streamlined login experience for multiple applications and users 
C. native integration that helps secure applications across multiple cloud platforms or onpremises environments
 D. encrypts data that is stored on endpoints
 E. allows for centralized management of endpoint device applications and configurations 



Question # 35

Which security solution is used for posture assessment of the endpoints in a BYOD solution?

A. Cisco FTD 
B. Cisco ASA 
C. Cisco Umbrella 
D. Cisco ISE



Question # 36

What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.) 

A. REST uses methods such as GET, PUT, POST, and DELETE. 
B. REST codes can be compiled with any programming language. 
C. REST is a Linux platform-based architecture. 
D. The POST action replaces existing data at the URL path. 
E. REST uses HTTP to send a request to a web service. 



Question # 37

Which command is used to log all events to a destination colector 209.165.201.107?

A. CiscoASA(config-pmap-c)#flow-export event-type flow-update destination 209.165.201.10 
B. CiscoASA(config-cmap)# flow-export event-type all destination 209.165.201. 
C. CiscoASA(config-pmap-c)#flow-export event-type all destination 209.165.201.10 
D. CiscoASA(config-cmap)#flow-export event-type flow-update destination 209.165.201.10 



Question # 38

Which open standard creates a framework for sharing threat intelligence in a machinedigestible format?

A. OpenC2 
B. OpenlOC 
C. CybOX 
D. STIX 



Question # 39

During a recent security audit a Cisco IOS router with a working IPSEC configuration using IKEv1 was flagged for using a wildcard mask with the crypto isakmp key command The VPN peer is a SOHO router with a dynamically assigned IP address Dynamic DNS has been configured on the SOHO router to map the dynamic IP address to the host name of vpn sohoroutercompany.com In addition to the command crypto isakmp key Cisc425007536 hostname vpn.sohoroutercompany.com what other two commands are now required on the Cisco IOS router for the VPN to continue to function after the wildcard command is removed? (Choose two)

A. ip host vpn.sohoroutercompany.eom 
B. crypto isakmp identity hostname 
C. Add the dynamic keyword to the existing crypto map command 
D. fqdn vpn.sohoroutercompany.com 
E. ip name-server 



Question # 40

What is the process In DevSecOps where all changes In the central code repository are merged and synchronized?

A. CD 
B. EP 
C. CI 
D. QA 



Question # 41

Which algorithm is an NGE hash function?

A. HMAC 
B. SHA-1 
C. MD5 
D. SISHA-2



Question # 42

Which function is performed by certificate authorities but is a limitation of registration authorities?

A. accepts enrollment requests 
B. certificate re-enrollment 
C. verifying user identity 
D. CRL publishing 



Question # 43

What is the purpose of a NetFlow version 9 template record?

A. It specifies the data format of NetFlow processes. 
B. It provides a standardized set of information about an IP flow. 
C. lt defines the format of data records. 
D. It serves as a unique identification number to distinguish individual data records



Question # 44

What is the term for the concept of limiting communication between applications or containers on the same node?

A. container orchestration 
B. software-defined access 
C. microservicing 
D. microsegmentation 



Question # 45

Which Cisco security solution stops exfiltration using HTTPS?

A. Cisco FTD 
B. Cisco AnyConnect 
C. Cisco CTA 
D. Cisco ASA 



Question # 46

A company identified a phishing vulnerability during a pentest What are two ways the company can protect employees from the attack? (Choose two.) 

A. using Cisco Umbrella
 B. using Cisco ESA 
C. using Cisco FTD 
D. using an inline IPS/IDS in the network 
E. using Cisco ISE 



Question # 47

An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this? 

A. Advanced Custom Detection 
B. Blocked Application 
C. Isolation 
D. Simple Custom Detection 



Question # 48

Which Cisco solution integrates Encrypted Traffic Analytics to perform enhanced visibility,promote compliance,shorten response times, and provide administrators with the information needed to provide educated and automated decisions to secure the environment?

A. Cisco DNA Center 
B. Cisco SDN 
C. Cisco ISE 
D. Cisco Security Compiance Solution 



Question # 49

Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls? 

A. NTP 
B. syslog 
C. SNMP 
D. NetFlow



Question # 50

An engineer musí set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?

A. sticky 
B. static 
C. aging
 D. maximum 



Question # 51

What is a function of Cisco AMP for Endpoints? 

A. It detects DNS attacks 
B. It protects against web-based attacks 
C. It blocks email-based attacks 
D. It automates threat responses of an infected host 



Question # 52

Which feature requires that network telemetry be enabled?

A. per-interface stats
 B. SNMP trap notification 
C. Layer 2 device discovery 
D. central syslog system 



Question # 53

An engineer is adding a Cisco router to an existing environment. NTP authentication is configured on all devices in the environment with the command ntp authentication-key 1 md5 Clsc427128380. There are two routers on the network that are configured as NTP servers for redundancy, 192.168.1.110 and 192.168.1.111. 192.168.1.110 is configured as the authoritative time source. What command must be configured on the new router to use 192.168.1.110 as its primary time source without the new router attempting to offer time to existing devices?

A. ntp server 192.168.1.110 primary key 1 
B. ntp peer 192.168.1.110 prefer key 1 
C. ntp server 192.168.1.110 key 1 prefer 
D. ntp peer 192.168.1.110 key 1 primary



Question # 54

DoS attacks are categorized as what?

 A. phishing attacks 
B. flood attacks 
C. virus attacks 
D. trojan attacks



Question # 55

Which ESA implementation method segregates inbound and outbound email?

A. one listener on a single physical Interface 
B. pair of logical listeners on a single physical interface with two unique logical IPv4 addresses and one IPv6 address 
C. pair of logical IPv4 listeners and a pair Of IPv6 listeners on two physically separate interfaces 
D. one listener on one logical IPv4 address on a single logical interface 



Question # 56

DoS attacks are categorized as what?

A. phishing attacks 
B. flood attacks 
C. virus attacks 
D. trojan attacks 



Question # 57

Which feature does the laaS model provide?

A. granular control of data
 B. dedicated, restricted workstations 
C. automatic updates and patching of software
 D. software-defined network segmentation 



Question # 58

Which threat intelligence standard contains malware hashes?

A. structured threat information expression 
B. advanced persistent threat 
C. trusted automated exchange or indicator information 
D. open command and control



Question # 59

An engineer is implementing DHCP security mechanisms and needs the ability to add additional attributes to profiles that are created within Cisco ISE Which action accomplishes this task?

A. Define MAC-to-lP address mappings in the switch to ensure that rogue devices cannot get an IP address 
B. Use DHCP option 82 to ensure that the request is from a legitimate endpoint and send the information to Cisco ISE 
C. Modify the DHCP relay and point the IP address to Cisco ISE. 
D. Configure DHCP snooping on the switch VLANs and trust the necessary interfaces 



Question # 60

An engineer recently completed the system setup on a Cisco WSA Which URL information does the system send to SensorBase Network servers?

A. Summarized server-name information and MD5-hashed path information 
B. complete URL,without obfuscating the path segments 
C. URL information collected from clients that connect to the Cisco WSA using Cisco AnyConnect 
D. none because SensorBase Network Participation is disabled by default 



Question # 61

What is a benefit of using GET VPN over FlexVPN within a VPN deployment? 

A. GET VPN supports Remote Access VPNs 
B. GET VPN natively supports MPLS and private IP networks 
C. GET VPN uses multiple security associations for connections 
D. GET VPN interoperates with non-Cisco devices



Question # 62

Why should organizations migrate to a multifactor authentication strategy? 

A. Multifactor authentication methods of authentication are never compromised 
B. Biometrics authentication leads to the need for multifactor authentication due to its ability to be hacked easily 
C. Multifactor authentication does not require any piece of evidence for an authentication mechanism 
D. Single methods of authentication can be compromised more easily than multifactor authentication 



Question # 63

Which API method and required attribute are used to add a device into DNAC with the native API?

A. lastSyncTime and pid 
B. POST and name 
C. userSudiSerialNos and devicelnfo 
D. GET and serialNumber