Prepare for your Cisco 350-701 certification exam: with free 350-701 exam questions, 350-701 dumps!
Cisco 350-701 Exam Questions & Answers
Free share Part of new exam questions | Cisco Certified Internetwork Expert Security 350-701
Why would a user choose an on-premises ESA versus the CES solution?
A. Sensitive data must remain onsite.
B. Demand is unpredictable.
C. The server team wants to outsource this service.
D. ESA is deployed inline.
Correct Answer: A
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
A. authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
B. authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX
C. authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX
D. secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX
Correct Answer: B
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose
A. Sophos engine
B. white list
D. outbreak filters
Correct Answer: AD
Which two key and block sizes are valid for AES? (Choose two.)
A. 64-bit block size, 112-bit key length
B. 64-bit block size, 168-bit key length
C. 128-bit block size, 192-bit key length
D. 128-bit block size, 256-bit key length
E. 192-bit block size, 256-bit key length
Correct Answer: CD
On which part of the IT environment does DevSecOps focus?
A. application development
B. wireless network
C. data center
D. perimeter network
Correct Answer: A
Which two mechanisms are used to control phishing attacks? (Choose two.)
A. Enable browser alerts for fraudulent websites.
B. Define security group memberships.
C. Revoke expired CRL of the websites.
D. Use antispyware software.
E. Implement email filtering techniques.
Correct Answer: AE
Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering
attacks? (Choose two.)
A. Patch for cross-site scripting.
B. Perform backups to the private cloud.
C. Protect against input validation and character escapes in the endpoint.
D. Install a spam and virus email filter.
E. Protect systems with an up-to-date antimalware program.
Correct Answer: DE
Which option best describes RPL?
A. RPL stands for Routing over low priority links that use link-state LSAs to determine the best route between two root
B. RPL stands for Routing over low priority links that use distance vector DOGAG to determine the best route between
two root border routers.
C. RPL stands for Routing over Low-power Lossy Networks that use link-state LSAs to determine the best route
between leaves and the root border router.
D. RPL stands for Routing over Low-power Lossy Networks that use distance vector DOGAG to determine the best
route between leaves and the root border router.
Correct Answer: D
What is a characteristic of Dynamic ARP Inspection?
A. DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping
B. In a typical network, make all ports as trusted except for the ports connecting to switches, which are untrusted.
C. DAI associates a trust state with each switch.
D. DAI intercepts all ARP requests and responses on trusted ports only.
Correct Answer: A
Which three statements about VRF-Aware Cisco Firewall are true? (Choose three)
A. It supports both global and per-VRF commands and DoS parameters.
B. It enables service providers to deploy firewalls on customer devices.
C. It can generate syslog messages that are visible only to individual VPNs.
D. It can support VPN networks with overlapping address ranges without NAT.
E. It enables service providers to implement firewalls on PE devices.
F. It can run as more than one instance.
Correct Answer: CEF
More NEW Cisco 350-701 Exam Questions Answers From
More NEW Cisco 350-701 Exam Dumps From
Pass4itsure discount code 2020
Please read the picture carefully to get 12% off! The latest discount code "2020PASS" is provided below.