350-701 V1

Refer to the exhibit. What is a result of the configuration?A . Traffic from the DMZ network is redirectedB . Traffic from the inside network is redirectedC . All TCP traffic is redirectedD . Traffic from the inside and DMZ networks is redirectedView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configurefirepower-00.html

Which feature is supported when deploying Cisco ASAv within AWS public cloud?A . multiple context modeB . user deployment of Layer 3 networksC . IPv6D . clusteringView AnswerAnswer: B Explanation: The ASAv on AWS supports the following features: + Support for Amazon EC2 C5 instances, the next generation of the...

Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)A . Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automaticallyB . The active and standby devices can run different versions of the...

What is a characteristic of Firepower NGIPS inline deployment mode?A . ASA with Firepower module cannot be deployed.B . It cannot take actions such as blocking traffic.C . It is out-of-band from traffic.D . It must have inline interface pairs configured.View AnswerAnswer: D

What is a characteristic of Dynamic ARP Inspection?A . DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.B . In a typical network, make all ports as trusted except for the ports connecting to switches, which are...

Which IPS engine detects ARP spoofing?A . Atomic ARP EngineB . Service Generic EngineC . ARP Inspection EngineD . AIC EngineView AnswerAnswer: A

What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two)A . data exfiltrationB . command and control communicationC . intelligent proxyD . snortE . URL categorizationView AnswerAnswer: A,B Explanation: Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cognitive-threat-analytics/at-aglance-c45-736555.pdf

What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?A . authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXXB . authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXXC . authenticates the IKEv1 peers in the 172.16.0.0/16...

What is a characteristic of a bridge group in ASA Firewall transparent mode? A. It includes multiple interfaces and access rules between interfaces are customizable B. It is a Layer 3 segment and includes one port and customizable access rules C. It allows ARP traffic with a single access rule...

An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a connection being established. The solution must be able to block certain applications from being used within the network . Which product should be used to accomplish this goal?A . Cisco FirepowerB . Cisco...