Cisco 350-701 Online Practice Questions and Exam Preparation

Cisco 350-701 Online Questions & Answers

• Question 331:

  What is a benefit of performing device compliance?

  A. Verification of the latest OS patches
  B. Providing multi-factor authentication
  C. Providing attribute-driven policies
  D. Device classification and authorization
  A. Verification of the latest OS patches

  ---

  Explanation

• Question 332:

  An administrator is configuring a DHCP server to better secure their environment. They need to be able to rate-limit the traffic and ensure that legitimate requests are not dropped.

  How would this be accomplished?

  A. Set a trusted interface for the DHCP server
  B. Set the DHCP snooping bit to 1
  C. Add entries in the DHCP snooping database
  D. Enable ARP inspection for the required VLAN
  A. Set a trusted interface for the DHCP server

  ---

  Explanation

• Question 333:

  In which two customer environments is the Cisco WSAv connector traffic direction method selected? (Choose two.)

  A. Customer owns ASA Appliance and Virtual Form Factor is required.
  B. Customer does not own Cisco hardware and needs Explicit Proxy.
  C. Customer owns ASA Appliance and SSL Tunneling is required.
  D. Customer needs to support roaming users.
  E. Customer does not own Cisco hardware and needs Transparent Redirection (WCCP).
  A. Customer owns ASA Appliance and Virtual Form Factor is required.
  E. Customer does not own Cisco hardware and needs Transparent Redirection (WCCP).

  ---

  Explanation

• Question 334:

  Refer to the exhibit. A network engineer wants to reduce the operational costs of SNMPv3 by using trapping instead of polling. Which code snippet completes the configuration to enable authentication for SNMPv3 trapping?

  

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  B. Option B

  ---

  Explanation

• Question 335:

  A network engineer is configuring a Cisco Catalyst switch. The network engineer must prevent traffic on the network from being interrupted by broadcast packets flooding the network using a predefined threshold. What must be configured on the switch?

  A. DHCP Snooping
  B. Embedded Event Monitoring
  C. Storm Control
  D. Loop Guard
  C. Storm Control

  ---

  Explanation

• Question 336:

  Refer to the exhibit.

  

  Logins from internal users to a Cisco Adaptive Security Appliance firewall must be performed by using a TACACS server. The firewall is already configured. Which additional configuration must be performed to configure the TACACS+ server group with a key of Cisco4512!?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A

  ---

  Explanation

• Question 337:

  What is a difference between Cisco AMP for Endpoints and Cisco Umbrella?

  A. Cisco AMP for Endpoints is a cloud-based service, and Cisco Umbrella is not.
  B. Cisco AMP for Endpoints prevents connections to malicious destinations, and Cisco Umbrella works at the file level to prevent the initial execution of malware
  C. Cisco AMP for Endpoints automatically researches indicators of compromise and confirms threats and Cisco Umbrella does not
  D. Cisco AMP for Endpoints prevents, detects, and responds to attacks before damage can be done, and Cisco Umbrella provides the first line of defense against Internet threats
  D. Cisco AMP for Endpoints prevents, detects, and responds to attacks before damage can be done, and Cisco Umbrella provides the first line of defense against Internet threats

  ---

  Explanation

  https://learn-umbrella.cisco.com/i/802005-umbrella-security-report/3? https://www.cisco.com/site/us/en/products/security/endpoint-security/secure- endpoint/index.html#:~:text=Powerful%20EDR%20capabilities,from%20Kenna%20Security . Cisco Advanced Malware Protection (AMP) for endpoints can be seen as a replacement for the traditional antivirus solution. It is a next generation, cloud delivered endpoint protection platform (EPP), and advanced endpoint detection and response (EDR). Providing Protection ?Detection Response While Cisco Umbrella can enforce security at the DNS-, IP-, and HTTP/S-layer, this report does not require that blocking is enabled and only monitors your DNS activity. Any malicious domains requested and IPs resolved are indicators of compromise (IOC). Any malicious domains requested and IPs resolved are indicators of compromise (IOC)

• Question 338:

  An engineer is adding a Cisco DUO solution to the current TACACS+ deployment using Cisco ISE. The engineer wants to authenticate users using their account when they log into network devices. Which action accomplishes this task?

  A. Configure Cisco DUO with the external Active Directory connector and tie it to the policy set within Cisco ISE.
  B. Install and configure the Cisco DUO Authentication Proxy and configure the identity source sequence within Cisco ISE
  C. Create an identity policy within Cisco ISE to send all authentication requests to Cisco DUO.
  D. Modify the current policy with the condition MFASourceSequence DUO=true in the authorization conditions within Cisco ISE
  B. Install and configure the Cisco DUO Authentication Proxy and configure the identity source sequence within Cisco ISE

  ---

  Explanation

  https://community.cisco.com/t5/security-documents/duo-mfa-integration-with-ise-for-tacacs- device-administration/ta-p/3881767

• Question 339:

  DRAG DROP

  Refer to the exhibit.

  

  An engineer must configure a Cisco switch to perform PPP authentication via a TACACS server located at IP address 10.1.1.10. Authentication must fall back to the local database using the username LocalUser and password C1$c0445915422! if TACACS server is unreachable.

  Drag and drop the commands from the left onto the corresponding configuration steps on the right.

  Select and Place:

  

  

• Question 340:

  Which IPS engine detects ARP spoofing?

  A. Atomic ARP Engine
  B. Service Generic Engine
  C. ARP Inspection Engine
  D. AIC Engine
  A. Atomic ARP Engine

  ---

  Explanation