350-701 Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCIE Security
  • Vendor
    :Cisco
  • Total Questions
    :784 Q&As
  • Last Updated
    :Jul 10, 2026

Cisco 350-701 Online Questions & Answers

  • Question 51:

    What are two reasons for implementing a multifactor authentication solution such as Duo Security provide to an organization? (Choose two)

    A. flexibility of different methods of 2FA such as phone callbacks, SMS passcodes, and push notifications
    B. single sign-on access to on-premises and cloud applications
    C. integration with 802.1x security using native Microsoft Windows supplicant
    D. secure access to on-premises and cloud applications
    E. identification and correction of application vulnerabilities before allowing access to resources

  • Question 52:

    Refer to the exhibit. An engineer created a policy named usera1 on a Cisco Secure Email Gateway to enable the antispam feature for an email address of [email protected]. Which configuration step must be performed next to apply the policy only to the [email protected] email address?

    A. Specify the user in Mail Policies > Mail Policies Settings
    B. Click the Policy Name usera1 Policy, and then click Add User.
    C. Set the user in Mail Policies > Exception Table.
    D. Click IronPort Anti-Spam, and then click Add User.

  • Question 53:

    Refer to the exhibit. A network engineer must implement a new multidevice management solution and must retrieve information about all the Cisco devices that are directly attached to a Cisco IOS router.

    Which IOS command must the engineer use to display detailed information about the attached devices?

    A. show cdp neighbors
    B. show cdp
    C. show neighbors
    D. cdp neighbors

  • Question 54:

    An organization has two machines hosting web applications. Machine 1 is vulnerable to SQL injection while machine 2 is vulnerable to buffer overflows. What action would allow the attacker to gain access to machine 1 but not machine 2?

    A. sniffing the packets between the two hosts
    B. sending continuous pings
    C. overflowing the buffer's memory
    D. inserting malicious commands into the database

  • Question 55:

    Which baseline form of telemetry is recommended for network infrastructure devices?

    A. SDNS
    B. NetFlow
    C. passive taps
    D. SNMP

  • Question 56:

    Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)

    A. Port
    B. Rule
    C. Source
    D. Application
    E. Protocol

  • Question 57:

    What is a characteristic of a bridge group in a Cisco ASA Firewall running in transparent mode?

    A. It includes multiple interfaces and access rules between interfaces are customizable.
    B. It is a Layer 3 segment and includes one port and customizable access rules.
    C. It allows ARP traffic with a single access rule.
    D. It has an IP address on its BVI interface and is used for management traffic.

  • Question 58:

    Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)

    A. Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS
    B. Cisco FTDv with one management interface and two traffic interfaces configured
    C. Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises
    D. Cisco FTDv with two management interfaces and one traffic interface configured
    E. Cisco FTDv configured in routed mode and IPv6 configured

  • Question 59:

    An engineer is configuring Cisco WSA and needs to ensure end clients are protected against DNS spoofing attacks. Which deployment method accomplishes this goal?

    A. transparent mode
    B. Web Cache Communication Protocol
    C. explicit forward
    D. single-context mode

  • Question 60:

    Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?

    A. It allows traffic if it does not meet the profile.
    B. It defines a traffic baseline for traffic anomaly deduction.
    C. It inspects hosts that meet the profile with more intrusion rules.
    D. It blocks traffic if it does not meet the profile.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.