350-701 Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCIE Security
  • Vendor
    :Cisco
  • Total Questions
    :784 Q&As
  • Last Updated
    :Jul 10, 2026

Cisco 350-701 Online Questions & Answers

  • Question 11:

    An engineer needs to configure a Cisco Secure Email Gateway (SEG) to prompt users to enter multiple forms of identification before gaining access to the SEG.

    The SEG must also join a cluster using the preshared key of cisc421555367. What steps must be taken to support this?

    A. Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG GUI.
    B. Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG CLI.
    C. Enable two-factor authentication through a RADIUS server, and then join the cluster via the SEG CLI
    D. Enable two-factor authentication through a TACACS+ server, and then join the cluster via the SEG GUI.

  • Question 12:

    An administrator configures new authorization policies within Cisco ISE and has difficulty profiling the devices. Attributes for the new Cisco IP phones that are profiled based on the RADIUS authentication are seen however the attributes for CDP or DHCP are not. What should the administrator do to address this issue?

    A. Configure the ip dhcp snooping trust command on the DHCP interfaces to get the information to Cisco ISE
    B. Configure the authentication port-control auto feature within Cisco ISE to identify the devices that are trying to connect
    C. Configure a service template within the switch to standardize the port configurations so that the correct information is sent to Cisco ISE
    D. Configure the device sensor feature within the switch to send the appropriate protocol information

  • Question 13:

    Refer to the exhibit. Which task is the Python script performing by using the Umbrella Enforcement API?

    A. importing malicious domains to Cisco Umbrella Enforcement for additional processing
    B. importing malicious domains to Cisco Umbrella Enforcement for blocking
    C. editing malicious domains in Cisco Umbrella Enforcement that have changed status
    D. editing malicious domains in Cisco Umbrella Enforcement that have changed IP address

  • Question 14:

    Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)

    A. virtualization
    B. middleware
    C. operating systems
    D. applications
    E. data

  • Question 15:

    What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?

    A. STIX
    B. XMPP
    C. pxGrid
    D. SMTP

  • Question 16:

    What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two)

    A. When the Cisco WSA is running in transparent mode, it uses the WSA's own IP address as the HTTP request destination.
    B. The Cisco WSA responds with its own IP address only if it is running in explicit mode.
    C. The Cisco WSA is configured in a web browser only if it is running in transparent mode.
    D. The Cisco WSA uses a Layer 3 device to redirect traffic only if it is running in transparent mode.
    E. The Cisco WSA responds with its own IP address only if it is running in transparent mode.

  • Question 17:

    Which feature within Cisco ISE verifies the compliance of an endpoint before providing access to the network?

    A. Posture
    B. Profiling
    C. pxGrid
    D. MAB

  • Question 18:

    Refer to the exhibit. A network engineer must retrieve the interface configuration on a Cisco router by using the NETCONF API. The engineer uses a Python script to automate the activity. Which code snippet completes the script?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 19:

    Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System?

    A. control
    B. malware
    C. URL filtering
    D. protect

  • Question 20:

    What is the purpose of a denial-of-service attack?

    A. to disrupt the normal operation of a targeted system by overwhelming It
    B. to exploit a security vulnerability on a computer system to steal sensitive information
    C. to prevent or limit access to data on a computer system by encrypting It
    D. to spread throughout a computer system by self-replicating to additional hosts

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.