1. Home
  2. Cisco
  3. 350-701

Implementing and Operating Cisco Security Core Technologies (SCOR)

Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :753 Q&As
  • Last Updated
    :Apr 12, 2025

Cisco CCNP Security 350-701 Questions & Answers

  • Question 131:

    When NetFlow is applied to an interface, which component creates the flow monitor cache that is used to collect traffic based on the key and nonkey fields in the configured record?

    A. records

    B. flow exporter

    C. flow sampler

    D. flow monitor

  • Question 132:

    What is the term for the concept of limiting communication between applications or containers on the same node?

    A. container orchestration

    B. software-defined access

    C. microservicing

    D. microsegmentation

  • Question 133:

    What is the recommendation in a zero-trust model before granting access to corporate applications and resources?

    A. to use multifactor authentication

    B. to use strong passwords

    C. to use a wired network, not wireless

    D. to disconnect from the network when inactive

  • Question 134:

    What is a benefit of using telemetry over SNMP to configure new routers for monitoring purposes?

    A. Telemetry uses a pull mehod, which makes it more reliable than SNMP

    B. Telemetry uses push and pull, which makes it more scalable than SNMP

    C. Telemetry uses push and pull which makes it more secure than SNMP

    D. Telemetry uses a push method which makes it faster than SNMP

  • Question 135:

    An administrator enables Cisco Threat Intelligence Director on a Cisco FMC. Which process uses STIX and allows uploads and downloads of block lists?

    A. consumption

    B. sharing

    C. editing

    D. authoring

  • Question 136:

    What is a functional difference between Cisco AMP for Endpoints and Cisco Umbrella Roaming Client?

    A. The Umbrella Roaming client stops and tracks malicious activity on hosts, and AMP for Endpoints tracks only URL-based threats.

    B. The Umbrella Roaming Client authenticates users and provides segmentation, and AMP for Endpoints allows only for VPN connectivity

    C. AMP for Endpoints authenticates users and provides segmentation, and the Umbrella Roaming Client allows only for VPN connectivity.

    D. AMP for Endpoints stops and tracks malicious activity on hosts, and the Umbrella Roaming Client tracks only URL-based threats.

  • Question 137:

    What is a description of microsegmentation?

    A. Environments deploy a container orchestration platform, such as Kubernetes, to manage the application delivery.

    B. Environments apply a zero-trust model and specify how applications on different servers or containers can communicate.

    C. Environments deploy centrally managed host-based firewall rules on each server or container.

    D. Environments implement private VLAN segmentation to group servers with similar applications.

  • Question 138:

    Which type of data does the Cisco Stealthwatch system collect and analyze from routers, switches, and firewalls?

    A. NTP

    B. syslog

    C. SNMP

    D. NetFlow

  • Question 139:

    An administrator configures new authorization policies within Cisco ISE and has difficulty profiling the devices. Attributes for the new Cisco IP phones that are profiled based on the RADIUS authentication are seen however the attributes for CDP or DHCP are not. What should the administrator do to address this issue?

    A. Configure the ip dhcp snooping trust command on the DHCP interfaces to get the information to Cisco ISE

    B. Configure the authentication port-control auto feature within Cisco ISE to identify the devices that are trying to connect

    C. Configure a service template within the switch to standardize the port configurations so that the correct information is sent to Cisco ISE

    D. Configure the device sensor feature within the switch to send the appropriate protocol information

  • Question 140:

    Refer to the exhibit.

    A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced. What is the cause of this issue?

    A. The key was configured in plain text.

    B. NTP authentication is not enabled.

    C. The hashing algorithm that was used was MD5. which is unsupported.

    D. The router was not rebooted after the NTP configuration updated.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.