1. Home
  2. Cisco
  3. 350-701

Implementing and Operating Cisco Security Core Technologies (SCOR)

Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :753 Q&As
  • Last Updated
    :Apr 12, 2025

Cisco CCNP Security 350-701 Questions & Answers

  • Question 211:

    Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats?

    A. Cisco AMP for Endpoints

    B. Cisco AnyConnect

    C. Cisco Umbrella

    D. Cisco Duo

  • Question 212:

    An engineer integrates Cisco FMC and Cisco ISE using pxGrid. Which role is assigned for Cisco FMC?

    A. client

    B. server

    C. controller

    D. publisher

  • Question 213:

    A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis. What must be done to meet this requirement using the Ubuntu-based VM appliance deployed in a VMware-based hypervisor?

    A. Configure a Cisco FMC to send syslogs to Cisco Stealthwatch Cloud

    B. Deploy the Cisco Stealthwatch Cloud PNM sensor that sends data to Cisco Stealthwatch Cloud

    C. Deploy a Cisco FTD sensor to send network events to Cisco Stealthwatch Cloud

    D. Configure a Cisco FMC to send NetFlow to Cisco Stealthwatch Cloud

  • Question 214:

    An email administrator is setting up a new Cisco ESA. The administrator wants to enable the blocking of greymail for the end user. Which feature must the administrator enable first?

    A. File Analysis

    B. IP Reputation Filtering

    C. Intelligent Multi-Scan

    D. Anti-Virus Filtering

  • Question 215:

    An organization has DHCP servers set up to allocate IP addresses to clients on the LAN.

    What must be done to ensure the LAN switches prevent malicious DHCP traffic while also distributing IP addresses to the correct endpoints?

    A. Configure Dynamic ARP Inspection and add entries in the DHCP snooping database

    B. Configure DHCP snooping and set an untrusted interface for all clients

    C. Configure Dynamic ARP Inspection and antispoofing ACLs in the DHCP snooping database

    D. Configure DHCP snooping and set a trusted interface for the DHCP server

  • Question 216:

    A network engineer is tasked with configuring a Cisco ISE server to implement external authentication against Active Directory. What must be considered about the authentication requirements? (Choose two.)

    A. RADIUS communication must be permitted between the ISE server and the domain controller.

    B. The ISE account must be a domain administrator in Active Directory to perform JOIN operations.

    C. Active Directory only supports user authentication by using MSCHAPv2.

    D. LDAP communication must be permitted between the ISE server and the domain controller.

    E. Active Directory supports user and machine authentication by using MSCHAPv2.

  • Question 217:

    Refer to the exhibit. When creating an access rule for URL filtering, a network engineer adds certain categories and individual URLs to block. What is the result of the configuration?

    A. Only URLs for botnets with reputation scores of 1-3 will be blocked.

    B. Only URLs for botnets with a reputation score of 3 will be blocked.

    C. Only URLs for botnets with reputation scores of 3-5 will be blocked.

    D. Only URLs for botnets with a reputation score of 3 will be allowed while the rest will be blocked.

  • Question 218:

    A company has 5000 Windows users on its campus. Which two precautions should IT take to prevent WannaCry ransomware from spreading to all clients? (Choose two.)

    A. Segment different departments to different IP blocks and enable Dynamic ARp inspection on all VLANs

    B. Ensure that noncompliant endpoints are segmented off to contain any potential damage.

    C. Ensure that a user cannot enter the network of another department.

    D. Perform a posture check to allow only network access to (hose Windows devices that are already patched.

    E. Put all company users in the trusted segment of NGFW and put all servers to the DMZ segment of the Cisco NGFW. ni

  • Question 219:

    Which system performs compliance checks and remote wiping?

    A. MDM

    B. ISE

    C. AMP

    D. OTP

  • Question 220:

    An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing file named abc424952615.exe without quarantining that file.

    What type of Outbreak Control list must the SHA.-256 hash value for the file be added to in order to accomplish this?

    A. Advanced Custom Detection

    B. Blocked Application

    C. Isolation

    D. Simple Custom Detection

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.