最新の[2025年01月08日]350-701試験問題集で有効で更新された問題集 [Q172-Q193]

Share

最新の[2025年01月08日]350-701試験問題集で有効で更新された問題集

無料お試しまもなく終了!100%有効な350-701試験問題集には630問があります


Cisco 350-701 認定試験は、ネットワークセキュリティの分野でキャリアを進めたい IT 専門家にとって理想的な選択肢です。この認定は、セキュリティオペレーションセンター、ネットワーク管理、またはセキュリティコンサルティングで働く人々にとって特に価値があります。この認定を取得することで、候補者は、安全なネットワークを設計、実装、管理し、サイバー脅威から保護する能力を証明することができます。


Cisco 350-701認定試験は、コアセキュリティテクノロジーの実装と運用に必要な知識とスキルをテストするために設計されています。この試験は、CCNPセキュリティまたはCCIIEセキュリティ認証を取得したい人にとっての要件です。この試験では、ネットワークセキュリティ、クラウドセキュリティ、エンドポイント保護、安全なネットワークアクセスなど、幅広いトピックをカバーしています。これは、複雑な環境でセキュリティソリューションを設計、展開、管理するセキュリティ専門家の能力をテストする包括的な試験です。


Cisco 350-701試験は、Cisco Security Technologiesの確固たる理解が必要な厳密な試験です。試験に合格したITの専門家は、Cisco Technologiesを使用してセキュリティソリューションを設計、実装、およびトラブルシューティングする能力を実証することができます。この認定は、Cisco Security Core Technologiesの実装と運営におけるIT専門家のスキルと知識を検証するため、雇用主によって高く評価されています。また、この認定は、ITの専門家に、職業へのコミットメントと、業界の最新のトレンドを最新の状態に保つ能力を示しているため、雇用市場の競争力を提供します。

 

質問 # 172
What is a benefit of using Cisco Tetration?

  • A. It collects near-real time data from servers and inventories the software packages that exist on servers.
  • B. It collects enforcement data from servers and collects interpacket variation.
  • C. It collects policy compliance data and process details.
  • D. It collects telemetry data from servers and then uses software sensors to analyze flow information.

正解:D

解説:
Cisco Tetration is a hybrid-cloud workload protection platform that secures compute instances in both the on-premises data center and the public cloud1. One of the benefits of using Cisco Tetration is that it collects telemetry data from servers and then uses software sensors to analyze flow information2. This allows Cisco Tetration to provide comprehensive visibility into every workload interaction and powerful AI/ML driven automation2. By analyzing the flow information, Cisco Tetration can also generate microsegmentation policies, detect workload behavior anomalies, identify software vulnerabilities, and monitor policy compliance23. References: 1: Cisco Secure Workload (formerly Tetration) FAQ 2: Cisco Secure Workload Platform Data Sheet 3: Cisco Tetration Platform - Cisco


質問 # 173
Which capability is provided by application visibility and control?

  • A. data encryption
  • B. reputation filtering
  • C. deep packet inspection
  • D. data obfuscation

正解:C

解説:
Application visibility and control (AVC) is a solution that leverages multiple technologies to recognize, analyze, and control over 1000 applications, including voice and video, email, file sharing, gaming, peer-to-peer (P2P), and cloud-based applications1. One of the key components of AVC is application recognition, which uses stateful deep packet inspection (DPI) to identify applications within the network traffic flow, using L3 to L7 data2. DPI is a technique that examines the content of packets beyond the header information, and can classify applications based on their signatures, protocols, ports, or other attributes3. DPI enables AVC to monitor and control application performance, bandwidth usage, quality of service, and security policies4. References := 1: Cisco Application Visibility and Control (AVC) - Cisco 2: Cisco Application Visibility and Control User Guide - Technology Overview 3: What is application visibility and control? | Juniper Networks US 4: Application visibility and control - Secure Internet Access Enterprise


質問 # 174
Which feature must be configured before implementing NetFlow on a router?

  • A. syslog
  • B. IP routing
  • C. VRF
  • D. SNMPv3

正解:B


質問 # 175
An engineer is configuring Cisco WSA and needs to enable a separated email transfer flow from the Internet and from the LAN. Which deployment mode must be used to accomplish this goal?

  • A. single interface
  • B. transparent
  • C. multi-context
  • D. two-interface

正解:D

解説:
To enable a separated email transfer flow from the Internet and from the LAN, the engineer must use the two-interface deployment mode on the Cisco WSA. This mode allows the WSA to have two separate network interfaces, one for the Internet traffic and one for the LAN traffic. This way, the WSA can apply different policies and settings for each interface, and isolate the email flows from each other. The two-interface mode also provides better performance and security than the single-interface mode, which uses only one network interface for both Internet and LAN traffic12. The other deployment modes, such as multi-context, transparent, or single-interface, do not support a separated email transfer flow from the Internet and from the LAN. References:
* Two-interface mode, section "Deployment".
* WSA network configuration, section "Interfaces".


質問 # 176
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used. However, the connection is failing. Which action should be taken to accomplish this goal?

  • A. Enable the SSH server using the ip ssh server command.
  • B. Configure the port using the ip ssh port 22 command.
  • C. Generate the RSA key using the crypto key generate rsa command.
  • D. Disable telnet using the no ip telnet command.

正解:C

解説:
https://learningnetwork.cisco.com/s/question/0D53i00000KsrhK/rsa-key


質問 # 177
An organization recently installed a Cisco WSA and would like to take advantage of the AVC engine to allow the organization to create a policy to control application specific activity. After enabling the AVC engine, what must be done to implement this?

  • A. Use URL categorization to prevent the application traffic.
  • B. Use security services to configure the traffic monitor, .
  • C. Use an access policy group to configure application control settings.
  • D. Use web security reporting to validate engine functionality

正解:C


質問 # 178
Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based?
(Choose two)

  • A. IP addresses
  • B. URLs
  • C. port numbers
  • D. protocol IDs
  • E. MAC addresses

正解:A、B

解説:
Security Intelligence Sources
...
Custom Block lists or feeds (or objects or groups)
Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy.
Security Intelligence Sources
...
Custom Block lists or feeds (or objects or groups)
Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy.
Security Intelligence Sources
...
Custom Block lists or feeds (or objects or groups)
Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses, you can also use network objects or groups.) For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy.


質問 # 179
Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based?
(Choose two)

  • A. IP addresses
  • B. URLs
  • C. port numbers
  • D. protocol IDs
  • E. MAC addresses

正解:A、B

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-configguide-v623/secur


質問 # 180
Drag and drop the NetFlow export formats from the left onto the descriptions on the right.

正解:

解説:

Explanation: The Version 1 format was the initially released version. Do not use the Version 1 format unless you are using a legacy collection system that requires it. Use Version 9 or Version 5 export format. Version 5 export format is suitable only for the main cache; it cannot be expanded to support new features. Version 8 export format is available only for aggregation caches; it cannot be expanded to support new features. Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/cfgnflow-data-expt.html


質問 # 181
Drag and drop the solutions from the left onto the solution's benefits on the right.

正解:

解説:


質問 # 182
An organization is implementing URL blocking using Cisco Umbrell a. The users are able to go to some sites
but other sites are not accessible due to an error. Why is the error occurring?

  • A. Client computers do not have the Cisco Umbrella Root CA certificate installed.
  • B. IP-Layer Enforcement is not configured.
  • C. Intelligent proxy and SSL decryption is disabled in the policy
  • D. Client computers do not have an SSL certificate deployed from an internal CA server.

正解:A

解説:
Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves: Custom URL Blocking-Required to block the HTTPS version of a URL. ... Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed. Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing. To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin. Reference: https://docs.umbrella.com/deployment-umbrella/docs/rebrand-cisco-certificate-import-information certificate. Having the SSL Decryption feature improves:
Custom URL Blocking-Required to block the HTTPS version of a URL.
...
Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed.
Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing.
To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin.
Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves: Custom URL Blocking-Required to block the HTTPS version of a URL. ... Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed. Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing. To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin. Reference: https://docs.umbrella.com/deployment-umbrella/docs/rebrand-cisco-certificate-import-information


質問 # 183
A Cisco FTD engineer is creating a new IKEv2 policy called s2s00123456789 for their organization to allow for additional protocols to terminate network devices with They currently only have one policy established and need the new policy to be a backup in case some devices cannot support the stronger algorithms listed in the primary policy What should be done in order to support this?

  • A. Make the priority for the primary policy 10 and the new policy 1
  • B. Change the encryption to AES* to support all AES algorithms in the primary policy
  • C. Make the priority for the new policy 5 and the primary policy 1.
  • D. Change the integrity algorithms to SHA* to support all SHA algorithms in the primary policy

正解:A


質問 # 184
A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?

  • A. Adaptive Network Control Policy List
  • B. Context Visibility
  • C. Accounting Reports
  • D. RADIUS Live Logs

正解:D

解説:
How To Troubleshoot ISE Failed Authentications & Authorizations
Check the ISE Live Logs
Login to the primary ISE Policy Administration Node (PAN).
Go to Operations > RADIUS > Live Logs
(Optional) If the event is not present in the RADIUS Live Logs, go to Operations > Reports > Reports > Endpoints and Users > RADIUS Authentications Check for Any Failed Authentication Attempts in the Log


質問 # 185

Refer to the exhibit. What does the number 15 represent in this configuration?

  • A. interval in seconds between SNMPv3 authentication attempts
  • B. privilege level for an authorized user to this router
  • C. number of possible failed attempts until the SNMPv3 user is locked out
  • D. access list that identifies the SNMP devices that can access the router

正解:D


質問 # 186
Which technology provides a combination of endpoint protection endpoint detection, and response?

  • A. Cisco AMP
  • B. Cisco Umbrella
  • C. Cisco Threat Grid
  • D. Cisco Talos

正解:A


質問 # 187
A switch with Dynamic ARP inspection enabled has received a spoofed ARP response on a trusted interface. How does the switch behave in this situation?

  • A. It drops the packet after validation by using the IP & MAC Binding Table.
  • B. It forwards the packet after validation by using the MAC Binding Table.
  • C. It forwards the packet without validation.
  • D. It drops the packet Without validation.

正解:A


質問 # 188
Drag and drop the descriptions from the left onto the encryption algorithms on the right.

正解:

解説:

Explanation


質問 # 189
Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.

正解:

解説:


質問 # 190
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)

  • A. modbus
  • B. inline normalization
  • C. SIP
  • D. packet decoder
  • E. SSL

正解:C、E

解説:
Application layer protocols can represent the same data in a variety of ways. The Firepower System provides application layer protocol decoders that normalize specific types of packet data into formats that the intrusion rules engine can analyze. Normalizing application-layer protocol encodings allows the rules engine to effectively apply the same content-related rules to packets whose data is represented differently and obtain meaningful results.
Reference:
FirePower uses many preprocessors, including DNS, FTP/Telnet, SIP, SSL, SMTP, SSH preprocessors.


質問 # 191
Drag and drop the capabilities from the left onto the correct technologies on the right.

正解:

解説:


質問 # 192
What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is deleted from an identity group?

  • A. CoA
  • B. external identity source
  • C. posture assessment
  • D. SNMP probe

正解:A

解説:
Cisco ISE allows a global configuration to issue a Change of Authorization (CoA) in the Profiler Configuration page that enables the profiling service with more control over endpoints that are already authenticated. One of the settings to configure the CoA type is "Reauth". This option is used to enforce reauthentication of an already authenticated endpoint when it is profiled. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/ b_ise_admin_guide_sample_chapter_010101.html page that enables the profiling service with more control over endpoints that are already authenticated.
One of the settings to configure the CoA type is "Reauth". This option is used to enforce reauthentication of an already authenticated endpoint when it is profiled.
Reference:
Cisco ISE allows a global configuration to issue a Change of Authorization (CoA) in the Profiler Configuration page that enables the profiling service with more control over endpoints that are already authenticated. One of the settings to configure the CoA type is "Reauth". This option is used to enforce reauthentication of an already authenticated endpoint when it is profiled. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/ b_ise_admin_guide_sample_chapter_010101.html


質問 # 193
......

350-701試験問題集で100%高得点させる350-701試験解答がこちら:https://jp.fast2test.com/350-701-premium-file.html

検証済みの350-701試験問題成功確定させます:https://drive.google.com/open?id=1zI5lw8_dlJqqneZ_1mvk4I-Xu1fk9zND


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어