あなたを合格させる350-701試験問題集で使おう(更新された630問があります) [Q115-Q131]

Share

あなたを合格させる350-701試験問題集で使おう(更新された630問があります)

350-701試験問題集でCisco練習テスト問題

質問 # 115
Refer to the exhibit.

A network administrator configures command authorization for the admin5 user. What is the admin5 user able to do on HQ_Router after this configuration?

  • A. add subinterfaces
  • B. complete all configurations
  • C. complete no configurations
  • D. set the IP address of an interface

正解:C

解説:
ExplanationThe user "admin5" was configured with privilege level 5. In order to allow configuration (enter globalconfiguration mode), we must type this command:(config)#privilege exec level 5 configure terminalWithout this command, this user cannot do any configuration.Note: Cisco IOS supports privilege levels from 0 to 15, but the privilege levels which are used by default are privilege level 1 (user EXEC) and level privilege 15 (privilege EXEC)


質問 # 116
What is a function of 3DES in reference to cryptography?

  • A. It creates one-time use passwords.
  • B. It encrypts traffic.
  • C. It generates private keys.
  • D. It hashes files.

正解:B

解説:
3DES is a symmetric-key block cipher that applies the DES algorithm three times to each data block. It was developed to improve the security of DES, which has a small key size and is vulnerable to brute-force attacks.
3DES encrypts traffic by using three different keys, each 56 bits long, to perform three rounds of encryption on the plaintext. The encryption process can be described as follows:
* Encrypt the plaintext with the first key (K1).
* Decrypt the result with the second key (K2).
* Encrypt the result again with the third key (K3).
The final ciphertext is the output of the third encryption. The decryption process is the reverse of the encryption process, using the same keys in reverse order:
* Decrypt the ciphertext with the third key (K3).
* Encrypt the result with the second key (K2).
* Decrypt the result again with the first key (K1).
The final plaintext is the output of the third decryption. 3DES is more secure than DES because it uses a longer effective key length of 168 bits (56 x 3), which makes brute-force attacks more difficult. However,
3DES is also slower than DES because it requires three times more computations. Moreover, 3DES has some weaknesses, such as the meet-in-the-middle attack, which can reduce the effective key length to 112 bits. Therefore, 3DES is not recommended for new applications and has been deprecated by NIST since
201712
References := 1: NIST Special Publication 800-67 Revision 2 Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher 2: What is 3DES encryption and how does DES work? | Comparitech


質問 # 117
Drag and drop the cloud security assessment components from the left onto the definitions on the right.

正解:

解説:
Steps:


質問 # 118
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?

  • A. Configure incoming content filters
  • B. Configure Directory Harvest Attack Prevention
  • C. Bypass LDAP access queries in the recipient access table
  • D. Use Bounce Verification

正解:B

解説:
A Directory Harvest Attack (DHA) is a technique used by spammers to find valid/existent email addresses at a domain either by using Brute force or by guessing valid e-mail addresses at a domain using different permutations of common username. Its easy for attackers to get hold of a valid email address if your organization uses standard format for official e-mail alias (for example: [email protected]). We can configure DHA Prevention to prevent malicious actors from quickly identifying valid recipients.
Note: Lightweight Directory Access Protocol (LDAP) is an Internet protocol that email programs use to look up contact information from a server, such as ClickMail Central Directory. For example, here's an LDAP search translated into plain English: "Search for all people located in Chicago who's name contains "Fred" that have an email address. Please return their full name, email, title, and description.


質問 # 119
Drag and drop the threats from the left onto examples of that threat on the right

正解:

解説:


質問 # 120
Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.

正解:

解説:


質問 # 121
Which Cisco security solution integrates with cloud applications like Dropbox and Office 365 while protecting data from being exfiltrated?

  • A. Cisco Tajos
  • B. Cisco Umbrella Investigate
  • C. Cisco Steaithwatch Cloud
  • D. Cisco Cloudlock

正解:D


質問 # 122
What is a benefit of a Cisco Secure Email Gateway Virtual as compared to a physical Secure Email Gateway?

  • A. provides faster performance
  • B. provides an automated setup process
  • C. simplifies the distribution of software updates
  • D. enables the allocation of additional resources

正解:D

解説:
One of the benefits of a Cisco Secure Email Gateway Virtual appliance compared to a physical one is the ability to allocate additional resources as needed. Virtual appliances can be easily scaled up by allocating more CPU, memory, or storage resources, providing flexibility and scalability in response to changing demands or growth.


質問 # 123
Why is it important to implement MFA inside of an organization?

  • A. To prevent DoS attacks from being successful.
  • B. To prevent phishing attacks from being successful.
  • C. To prevent brute force attacks from being successful.
  • D. To prevent man-the-middle attacks from being successful.

正解:C


質問 # 124
A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.
How does the switch behave in this situation?

  • A. It drops the packet after validation by using the IP & MAC Binding Table.
  • B. It forwards the packet after validation by using the MAC Binding Table.
  • C. It forwards the packet without validation.
  • D. It drops the packet without validation.

正解:C


質問 # 125
How does Cisco Stealthwatch Cloud provide security for cloud environments?

  • A. It assigns Internet-based DNS protection for clients and servers.
  • B. It facilitates secure connectivity between public and private networks.
  • C. It prevents exfiltration of sensitive data.
  • D. It delivers visibility and threat detection.

正解:D

解説:
Explanation
Cisco Stealthwatch Cloud: Available as an SaaS product offer to provide visibility and threat detection within public cloud infrastructures such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).


質問 # 126
What is the intent of a basic SYN flood attack?

  • A. to cause the buffer to overflow
  • B. to flush the register stack to re-initiate the buffers
  • C. to exceed the threshold limit of the connection queue
  • D. to solicit DNS responses

正解:C

解説:
A basic SYN flood attack is a type of denial-of-service (DoS) attack that aims to exhaust the resources of a server by sending a large number of SYN packets and not completing the TCP three-way handshake. The intent of this attack is to exceed the threshold limit of the connection queue, which is the data structure that stores the information about the pending connections. By doing so, the attacker prevents legitimate clients from establishing connections with the server, as the server cannot accept any more SYN requests. A SYN flood attack can be performed with spoofed IP addresses or without IP spoofing, depending on the attacker's strategy and the server's configuration. References: [Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0], Module 3: Securing Networks with Firewalls, Lesson 3.2: Firewall Technologies,


質問 # 127
Drag and drop the capabilities from the left onto the correct technologies on the right.

正解:

解説:


質問 # 128
Drag and drop the capabilities from the left onto the correct technologies on the right.

正解:

解説:


質問 # 129
Drag and drop the steps from the left into the correct order on the right to enable AppDynamics to monitor an EC2 instance in Amazon Web Services.

正解:

解説:

Explanation:
Graphical user interface, text, application Description automatically generated


質問 # 130
What are the two types of managed Intercloud Fabric deployment models? (Choose two)

  • A. User managed
  • B. Hybrid managed
  • C. Public managed
  • D. Service Provider managed
  • E. Enterprise managed

正解:E

解説:
Explanation Explanation Many enterprises prefer to deploy development workloads in the public cloud, primarily for convenience and faster deployment. This approach can cause concern for IT administrators, who must control the flow of IT traffic and spending and help ensure the security of data and intellectual property. Without the proper controls, data and intellectual property can escape this oversight. The Cisco Intercloud Fabric solution helps control this shadow IT, discovering resources deployed in the public cloud outside IT control and placing these resources under Cisco Intercloud Fabric control. Cisco Intercloud Fabric addresses the cloud deployment requirements appropriate for two hybrid cloud deployment models: Enterprise Managed (an enterprise manages its own cloud environments) and Service Provider Managed (the service provider administers and controls all cloud resources). Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Hybrid_Cloud/Intercloud/Intercloud_Fabric.pdf The Cisco Intercloud Fabric architecture provides two product configurations to address the following two consumption models: + Cisco Intercloud Fabric for Business + Cisco Intercloud Fabric for Providers Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Hybrid_Cloud/Intercloud/Intercloud_Fabric/ Intercloud_Fabric_2.html


質問 # 131
......

最新でリアルな350-701試験問題集解答:https://drive.google.com/open?id=1DaRuGygIhRd3Z4slTxsz-yDnSKgt04Q8

あなたをお手軽に合格させる350-701試験正確なPDF問題:https://jp.fast2test.com/350-701-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어