1. Home
  2. Cisco
  3. 350-701

Implementing and Operating Cisco Security Core Technologies (SCOR)

Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCNP
  • Vendor
    :Cisco
  • Total Questions
    :655 Q&As
  • Last Updated
    :Apr 23, 2024

Cisco CCNP 350-701 Questions & Answers

  • Question 21:

    What provides total management for mobile and PC including managing inventory and device tracking, remote view, and live troubleshooting using the included native remote desktop support?

    A. mobile device management

    B. mobile content management

    C. mobile application management

    D. mobile access management

  • Question 22:

    An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead. Which solution meets these requirements?

    A. Cisco Stealthwatch Cloud

    B. Cisco Umbrella

    C. NetFlow collectors

    D. Cisco Cloudlock

  • Question 23:

    Refer to the exhibit.

    What does this Python script accomplish?

    A. It allows authentication with TLSv1 SSL protocol

    B. It authenticates to a Cisco ISE with an SSH connection.

    C. lt authenticates to a Cisco ISE server using the username of ersad

    D. It lists the LDAP users from the external identity store configured on Cisco ISE

  • Question 24:

    Which posture assessment requirement provides options to the client for remediation and requires the remediation within a certain timeframe?

    A. Audit

    B. Mandatory

    C. Optional

    D. Visibility

  • Question 25:

    An organization is selecting a cloud architecture and does not want to be responsible for patch management of the operating systems. Why should the organization select either Platform as a Service or Infrastructure as a Service for this environment?

    A. Platform as a Service because the customer manages the operating system

    B. Infrastructure as a Service because the customer manages the operating system

    C. Platform as a Service because the service provider manages the operating system

    D. Infrastructure as a Service because the service provider manages the operating system

  • Question 26:

    Which benefit does DMVPN provide over GETVPN?

    A. DMVPN supports QoS, multicast, and routing, and GETVPN supports only QoS.

    B. DMVPN is a tunnel-less VPN, and GETVPN is tunnel-based.

    C. DMVPN supports non-IP protocols, and GETVPN supports only IP protocols.

    D. DMVPN can be used over the public Internet, and GETVPN requires a private network.

  • Question 27:

    Refer to the exhibit.

    What are two indications of the Cisco Firepower Services Module configuration? (Choose two.)

    A. The module is operating in IDS mode.

    B. The module fails to receive redirected traffic

    C. Traffic is blocked if the module fails.

    D. Traffic continues to flow if the module fails.

    E. The module is operating in IPS mode.

  • Question 28:

    Which two actions does the Cisco identity Services Engine posture module provide that ensures endpoint security?(Choose two.)

    A. The latest antivirus updates are applied before access is allowed.

    B. Assignments to endpoint groups are made dynamically, based on endpoint attributes.

    C. Patch management remediation is performed.

    D. A centralized management solution is deployed.

    E. Endpoint supplicant configuration is deployed.

  • Question 29:

    Refer to the exhibit.

    All servers are in the same VLAN/Subnet. DNS Server-1 and DNS Server-2 must communicate with each other, and all servers must communicate with default gateway multilayer switch. Which type of private VLAN ports should be configured to prevent communication between DNS servers and the file server?

    A. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as isolated port, and GigabitEthernet0/3 and GigabitEthernet0/4 as promiscuous ports.

    B. Configure GigabitEthernet0/1 as community port, GigabitEthernet0/2 as promiscuous port, Gigabit Ethernet0/3 and GigabitEthernet0/4 as isolated ports.

    C. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as isolated port and GigabitEthernet0/3 and GrgabitEthernet0/4 as community ports

    D. Configure GigabitEthernet0/1 as promiscuous port, GigabitEthernet0/2 as community port, and GigabitEthernet0/3 and GrgabitEthernet0/4 as isolated ports.

  • Question 30:

    A company discovered an attack propagating through their network via a file. A custom file policy was created in order to track this in the future and ensure no other endpoints execute the infected file. In addition, it was discovered during testing that the scans are not detecting the file as an indicator of compromise. What must be done in order to ensure that the created is functioning as it should?

    A. Create an IP block list for the website from which the file was downloaded

    B. Block the application that the file was using to open

    C. Upload the hash for the file into the policy

    D. Send the file to Cisco Threat Grid for dynamic analysis

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.