1. Home
  2. Cisco
  3. 350-701

Implementing and Operating Cisco Security Core Technologies (SCOR)

Exam Details

  • Exam Code
    :350-701
  • Exam Name
    :Implementing and Operating Cisco Security Core Technologies (SCOR)
  • Certification
    :CCNP Security
  • Vendor
    :Cisco
  • Total Questions
    :753 Q&As
  • Last Updated
    :Apr 12, 2025

Cisco CCNP Security 350-701 Questions & Answers

  • Question 451:

    What are two benefits of Flexible NetFlow records? (Choose two)

    A. They allow the user to configure flow information to perform customized traffic identification

    B. They provide attack prevention by dropping the traffic

    C. They provide accounting and billing enhancements

    D. They converge multiple accounting technologies into one accounting mechanism

    E. They provide monitoring of a wider range of IP packet information from Layer 2 to 4

  • Question 452:

    Why is it important to implement MFA inside of an organization?

    A. To prevent man-the-middle attacks from being successful.

    B. To prevent DoS attacks from being successful.

    C. To prevent brute force attacks from being successful.

    D. To prevent phishing attacks from being successful.

  • Question 453:

    What is the purpose of the certificate signing request when adding a new certificate for a server?

    A. It is the password for the certificate that is needed to install it with.

    B. It provides the server information so a certificate can be created and signed

    C. It provides the certificate client information so the server can authenticate against it when installing

    D. It is the certificate that will be loaded onto the server

  • Question 454:

    A network administrator is configuring a rule in an access control policy to block certain URLs and selects the "Chat and Instant Messaging" category. Which reputation score should be selected to accomplish this goal?

    A. 1

    B. 3

    C. 5

    D. 10

  • Question 455:

    After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?

    A. Modify an access policy

    B. Modify identification profiles

    C. Modify outbound malware scanning policies

    D. Modify web proxy settings

  • Question 456:

    An engineer needs behavioral analysis to detect malicious activity on the hosts, and is configuring the organization's public cloud to send telemetry using the cloud provider's mechanisms to a security device. Which mechanism should the engineer configure to accomplish this goal?

    A. mirror port

    B. Flow

    C. NetFlow

    D. VPC flow logs

  • Question 457:

    A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?

    A. The policy was created to send a message to quarantine instead of drop

    B. The file has a reputation score that is above the threshold

    C. The file has a reputation score that is below the threshold

    D. The policy was created to disable file analysis

  • Question 458:

    A network administrator is configuring a switch to use Cisco ISE for 802.1X. An endpoint is failing authentication and is unable to access the network. Where should the administrator begin troubleshooting to verify the authentication details?

    A. Adaptive Network Control Policy List

    B. Context Visibility

    C. Accounting Reports

    D. RADIUS Live Logs

  • Question 459:

    Refer to the exhibit.

    What is the result of this Python script of the Cisco DNA Center API?

    A. adds authentication to a switch

    B. adds a switch to Cisco DNA Center

    C. receives information about a switch

  • Question 460:

    A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not being established to hostB. What action is needed to authenticate the VPN?

    A. Change isakmp to ikev2 in the command on hostA.

    B. Enter the command with a different password on hostB.

    C. Enter the same command on hostB.

    D. Change the password on hostA to the default password.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.