350-701 V2

Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent? (Choose two)A . Outgoing traffic is allowed so users can communicate with outside organizations.B . Malware infects the messenger application on the user endpoint to send company data.C . Traffic is encrypted, which prevents visibility on...

An engineer needs a solution for TACACS+ authentication and authorization for device administration. The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth . Which product meets all of these requirements?A . Cisco Prime InfrastructureB . Cisco Identity...

When wired 802.1X authentication is implemented, which two components are required? (Choose two)A . authentication server: Cisco Identity Service EngineB . supplicant: Cisco AnyConnect ISE Posture moduleC . authenticator: Cisco Catalyst switchD . authenticator: Cisco Identity Services EngineE . authentication server: Cisco Prime InfrastructureView AnswerAnswer: A,C

Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?A . RSA SecureIDB . Internal DatabaseC . Active DirectoryD . LDAPView AnswerAnswer: C

Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?A . CorrelationB . IntrusionC . Access ControlD . Network DiscoveryView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/introduction_to_network_discovery_and_identity.html

What is a characteristic of Dynamic ARP Inspection?A . DAI determines the validity of an ARP packet based on valid IP to MAC address bindings from the DHCP snooping binding database.B . In a typical network, make all ports as trusted except for the ports connecting to switches, which are...

How does Cisco Stealthwatch Cloud provide security for cloud environments?A . It delivers visibility and threat detection.B . It prevents exfiltration of sensitive data.C . It assigns Internet-based DNS protection for clients and servers.D . It facilitates secure connectivity between public and private networks.View AnswerAnswer: A Explanation: Cisco Stealthwatch Cloud:...

Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?A . quality of serviceB . time synchronizationC . network address translationsD . intrusion policyView AnswerAnswer: B

Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)A . packet decoderB . SIPC . modbusD . inline normalizationE . SSLView AnswerAnswer: B,E Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guidev60/Application_Layer_Preprocessors.html# ID-2244-0000080cFirePower uses many preprocessors, including DNS, FTP/Telnet, SIP, SSL, SMTP, SSH preprocessors.

What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two)A . data exfiltrationB . command and control communicationC . intelligent proxyD . snortE . URL categorizationView AnswerAnswer: A,B Explanation: Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/cognitive-threat-analytics/at-aglance-c45-736555.pdf