1. Home
  2. Cisco
  3. 350-701

Implementing and Operating Cisco Security Core Technologies (SCOR)

Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :753 Q&As
  • Last Updated
    :Apr 12, 2025

Cisco CCNP Security 350-701 Questions & Answers

  • Question 391:

    An organization has two systems in their DMZ that have an unencrypted link between them for communication.

    The organization does not have a defined password policy and uses several default accounts on the systems.

    The application used on those systems also have not gone through stringent code reviews.

    Which vulnerability would help an attacker brute force their way into the systems?

    A. weak passwords

    B. lack of input validation

    C. missing encryption

    D. lack of file permission

  • Question 392:

    A network administrator is configuring SNMPv3 on a new router. The users have already been created; however, an additional configuration is needed to facilitate access to the SNMP views. What must the administrator do to accomplish this?

    A. map SNMPv3 users to SNMP views

    B. set the password to be used for SNMPv3 authentication

    C. define the encryption algorithm to be used by SNMPv3

    D. specify the UDP port used by SNMP

  • Question 393:

    Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?

    A. file access from a different user

    B. interesting file access

    C. user login suspicious behavior

    D. privilege escalation

  • Question 394:

    What features does Cisco FTDv provide over Cisco ASAv?

    A. Cisco FTDv runs on VMWare while ASAv does not

    B. Cisco FTDv provides 1GB of firewall throughput while Cisco ASAv does not

    C. Cisco FTDv runs on AWS while ASAv does not

    D. Cisco FTDv supports URL filtering while ASAv does not

  • Question 395:

    Refer to the exhibit.

    Traffic is not passing through IPsec site-to-site VPN on the Firepower Threat Defense appliance. What is causing this issue?

    A. No split-tunnel policy is defined on the Firepower Threat Defense appliance.

    B. The access control policy is not allowing VPN traffic in.

    C. Site-to-site VPN peers are using different encryption algorithms.

    D. Site-to-site VPN preshared keys are mismatched.

  • Question 396:

    When planning a VPN deployment, for which reason does an engineer opt for an active/active FlexVPN configuration as opposed to DMVPN?

    A. Multiple routers or VRFs are required.

    B. Traffic is distributed statically by default.

    C. Floating static routes are required.

    D. HSRP is used for faliover.

  • Question 397:

    Refer to the exhibit.

    Which type of authentication is in use?

    A. LDAP authentication for Microsoft Outlook

    B. POP3 authentication

    C. SMTP relay server authentication

    D. external user and relay mail authentication

  • Question 398:

    What is the role of an endpoint in protecting a user from a phishing attack?

    A. Use Cisco Stealthwatch and Cisco ISE Integration.

    B. Utilize 802.1X network security to ensure unauthorized access to resources.

    C. Use machine learning models to help identify anomalies and determine expected sending behavior.

    D. Ensure that antivirus and anti malware software is up to date

  • Question 399:

    An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?

    A. Client computers do not have the Cisco Umbrella Root CA certificate installed.

    B. IP-Layer Enforcement is not configured.

    C. Client computers do not have an SSL certificate deployed from an internal CA server.

    D. Intelligent proxy and SSL decryption is disabled in the policy

  • Question 400:

    What is provided by the Secure Hash Algorithm in a VPN?

    A. integrity

    B. key exchange

    C. encryption

    D. authentication

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.