[2024年10月14日] 最新CCNP Security 350-701実際の無料試験解答
CCNP Security 350-701問題集最新の練習テスト630独特な解答
質問 # 150
Which feature is supported when deploying Cisco ASAv within AWS public cloud?
- A. clustering
- B. IPv6
- C. user deployment of Layer 3 networks
- D. multiple context mode
正解:C
質問 # 151
Refer to the exhibit.
What is the result of this Python script of the Cisco DNA Center API?
- A. adds a switch to Cisco DNA Center
- B. adds authentication to a switch
- C. receives information about a switch
正解:A
質問 # 152
Drag and drop the Firepower Next Generation Intrustion Prevention System detectors from the left onto the correct definitions on the right.
正解:
解説:
Explanation
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/detecti
質問 # 153
What is a benefit of using Cisco FMC over Cisco ASDM?
- A. Cisco FMC supports pushing configurations to devices while Cisco ASDM does not.
- B. Cisco FMC provides centralized management while Cisco ASDM does not.
- C. Cisco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA devices
- D. Cisco FMC uses Java while Cisco ASDM uses HTML5.
正解:C
解説:
Explanation
https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html
質問 # 154
An organization is selecting a cloud architecture and does not want to be responsible for patch management of the operating systems. Why should the organization select either Platform as a Service or Infrastructure as a Service for this environment?
- A. Platform as a Service because the customer manages the operating system
- B. Infrastructure as a Service because the customer manages the operating system
- C. Platform as a Service because the service provider manages the operating system
- D. Infrastructure as a Service because the service provider manages the operating system
正解:C
解説:
Platform as a Service (PaaS) is a cloud service model that delivers and manages all the hardware and software resources to develop applications through the cloud. The service provider is responsible for the infrastructure, middleware, runtime, and operating system, while the customer only has to focus on the application and data. PaaS enables the customer to avoid the hassle of patching, updating, or maintaining the operating system, as well as the underlying hardware and network12. Infrastructure as a Service (IaaS) is a cloud service model that delivers on-demand infrastructure resources, such as compute, storage, networking, and virtualization, to the customer via the cloud. The service provider hosts and manages the infrastructure, but the customer is responsible for the operating system, middleware, virtual machines, and any apps or data. IaaS requires the customer to handle the patch management of the operating system, as well as the security and configuration of the virtual machines34. References := 1: Use platform as a service (PaaS) options - Azure Architecture Center 2: What is Platform-as-a-Service (PaaS)? - Cloudflare 3: PaaS vs IaaS vs SaaS: What's the difference? | Google Cloud 4: SaaS vs PaaS vs IaaS: What's The Difference & How To Choose - BMC Software | Blogs
質問 # 155
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
- A. privilege escalation
- B. interesting file access
- C. user login suspicious behavior
- D. file access from a different user
正解:C
解説:
The various suspicious patterns for which the Cisco Tetration platform looks in the current release are:
+ Shell code execution: Looks for the patterns used by shell code.
+ Privilege escalation: Watches for privilege changes from a lower privilege to a higher privilege in the process lineage tree.
+ Side channel attacks: Cisco Tetration platform watches for cache-timing attacks and page table fault bursts.
Using these, it can detect Meltdown, Spectre, and other cache-timing attacks.
+ Raw socket creation: Creation of a raw socket by a nonstandard process (for example, ping).
+ User login suspicious behavior: Cisco Tetration platform watches user login failures and user login methods.
+ Interesting file access: Cisco Tetration platform can be armed to look at sensitive files.
+ File access from a different user: Cisco Tetration platform learns the normal behavior of which file is accessed by which user.
+ Unseen command: Cisco Tetration platform learns the behavior and set of commands as well as the lineage of each command over time. Any new command or command with a different lineage triggers the interest of the Tetration Analytics platform.
The various suspicious patterns for which the Cisco Tetration platform looks in the current release are:
+ Shell code execution: Looks for the patterns used by shell code.
+ Privilege escalation: Watches for privilege changes from a lower privilege to a higher privilege in the process lineage tree.
+ Side channel attacks: Cisco Tetration platform watches for cache-timing attacks and page table fault bursts.
Using these, it can detect Meltdown, Spectre, and other cache-timing attacks.
+ Raw socket creation: Creation of a raw socket by a nonstandard process (for example, ping).
+ User login suspicious behavior: Cisco Tetration platform watches user login failures and user login methods.
+ Interesting file access: Cisco Tetration platform can be armed to look at sensitive files.
+ File access from a different user: Cisco Tetration platform learns the normal behavior of which file is accessed by which user.
+ Unseen command: Cisco Tetration platform learns the behavior and set of commands as well as the lineage of each command over time. Any new command or command with a different lineage triggers the interest of the Tetration Analytics platform.
Reference:
The various suspicious patterns for which the Cisco Tetration platform looks in the current release are:
+ Shell code execution: Looks for the patterns used by shell code.
+ Privilege escalation: Watches for privilege changes from a lower privilege to a higher privilege in the process lineage tree.
+ Side channel attacks: Cisco Tetration platform watches for cache-timing attacks and page table fault bursts.
Using these, it can detect Meltdown, Spectre, and other cache-timing attacks.
+ Raw socket creation: Creation of a raw socket by a nonstandard process (for example, ping).
+ User login suspicious behavior: Cisco Tetration platform watches user login failures and user login methods.
+ Interesting file access: Cisco Tetration platform can be armed to look at sensitive files.
+ File access from a different user: Cisco Tetration platform learns the normal behavior of which file is accessed by which user.
+ Unseen command: Cisco Tetration platform learns the behavior and set of commands as well as the lineage of each command over time. Any new command or command with a different lineage triggers the interest of the Tetration Analytics platform.
質問 # 156
What is the benefit of integrating Cisco ISE with a MDM solution?
- A. It provides compliance checks for access to the network
- B. It provides the ability to add applications to the mobile device through Cisco ISE
- C. It provides the ability to update other applications on the mobile device
- D. It provides network device administration access
正解:A
解説:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/ m_ise_interoperability_mdm.html
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ISE_admin_guide_24/ m_ise_interoperability_mdm.html
質問 # 157
Drag and drop the cryptographic algorithms for IPsec from the left onto the cryptographic processes on the right.
正解:
解説:
Explanation:
Diagram Description automatically generated
質問 # 158
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)
- A. virtualization
- B. applications
- C. middleware
- D. data
- E. operating systems
正解:B、D
解説:
Customers must manage applications and data in PaaS.
質問 # 159
Which two behavioral patterns characterize a ping of death attack? (Choose two)
- A. Malformed packets are used to crash systems.
- B. The attack is fragmented into groups of 8 octets before transmission.
- C. Publicly accessible DNS servers are typically used to execute the attack.
- D. Short synchronized bursts of traffic are used to disrupt TCP connections.
- E. The attack is fragmented into groups of 16 octets before transmission.
正解:A、B
解説:
ExplanationPing of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash,destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.A correctly-formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered,and 84 including Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documentedLike other large but well-formed packets, a ping of death is fragmented into groups of 8 octets beforetransmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.
質問 # 160
What is a prerequisite when integrating a Cisco ISE server and an AD domain?
- A. Synchronize the clocks of the Cisco ISE server and the AD server
- B. Configure a common administrator account
- C. Configure a common DNS server
- D. Place the Cisco ISE server and the AD server in the same subnet
正解:A
解説:
The following are the prerequisites to integrate Active Directory with Cisco ISE. + Use the Network Time Protocol (NTP) server settings to synchronize the time between the Cisco ISE server and Active Directory. You can configure NTP settings from Cisco ISE CLI. + If your Active Directory structure has multidomain forest or is divided into multiple forests, ensure that trust relationships exist between the domain to which Cisco ISE is connected and the other domains that have user and machine information to which you need access. For more information on establishing trust relationships, refer to Microsoft Active Directory documentation. + You must have at least one global catalog server operational and accessible by Cisco ISE, in the domain to which you are joining Cisco ISE. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/ise_active_directory_integration/ b_ISE_AD_integration_2x.html#reference_8DC463597A644A5C9CF5D582B77BB24F
+ Use the Network Time Protocol (NTP) server settings to synchronize the time between the Cisco ISE server and Active Directory. You can configure NTP settings from Cisco ISE CLI.
+ If your Active Directory structure has multidomain forest or is divided into multiple forests, ensure that trust relationships exist between the domain to which Cisco ISE is connected and the other domains that have user and machine information to which you need access. For more information on establishing trust relationships, refer to Microsoft Active Directory documentation.
+ You must have at least one global catalog server operational and accessible by Cisco ISE, in the domain to which you are joining Cisco ISE.
Reference:
The following are the prerequisites to integrate Active Directory with Cisco ISE. + Use the Network Time Protocol (NTP) server settings to synchronize the time between the Cisco ISE server and Active Directory. You can configure NTP settings from Cisco ISE CLI. + If your Active Directory structure has multidomain forest or is divided into multiple forests, ensure that trust relationships exist between the domain to which Cisco ISE is connected and the other domains that have user and machine information to which you need access. For more information on establishing trust relationships, refer to Microsoft Active Directory documentation. + You must have at least one global catalog server operational and accessible by Cisco ISE, in the domain to which you are joining Cisco ISE. Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/ise_active_directory_integration/ b_ISE_AD_integration_2x.html#reference_8DC463597A644A5C9CF5D582B77BB24F
質問 # 161
Drag and drop the capabilities from the left onto the correct technologies on the right.
正解:
解説:
質問 # 162
How is DNS tunneling used to exfiltrate data out of a corporate network?
- A. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks.
- B. It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers.
- C. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damage and theft on the network.
- D. lt encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data.
正解:D
質問 # 163
II
An engineer musi set up 200 new laptops on a network and wants to prevent the users from moving their laptops around to simplify administration Which switch port MAC address security setting must be used?
- A. maximum
- B. aging
- C. static
- D. sticky
正解:D
質問 # 164
Which technology is used to improve web traffic performance by proxy caching?
- A. ASA
- B. FireSIGHT
- C. Firepower
- D. WSA
正解:D
解説:
Proxy caching is a method that enables a proxy server to save recent and frequent website/webpage requests and data requested by one or more client machines. It reduces latency, eases bandwidth consumption, and ensures content is served more swiftly to the end-user12. WSA (Web Security Appliance) is a Cisco product that provides proxy caching functionality, along with other web security features such as malware protection, URL filtering, and data loss prevention3. Firepower, FireSIGHT, and ASA are other Cisco products that do not provide proxy caching, but rather focus on different aspects of network security, such as threat detection, management, and firewall . References:
* What is Proxy Caching? | StackPath
* What Is Proxy Caching? | Definition & Overview | NinjaOne
* Cisco Web Security Appliance Data Sheet
* [Cisco Firepower NGFW Data Sheet]
* [Cisco FireSIGHT Management Center Data Sheet]
* [Cisco ASA 5500-X Series Firewalls Data Sheet]
質問 # 165
......
検証済み350-701問題集と解答100%合格Fast2test:https://jp.fast2test.com/350-701-premium-file.html
最新100%試験高合格率350-701問題集PDF:https://drive.google.com/open?id=1zI5lw8_dlJqqneZ_1mvk4I-Xu1fk9zND