Cisco CCNP Security 350-701 Questions & Answers

• Question 601:

  Which Cisco security solution protects remote users against phishing attacks when they are not connected to the VPN?

  A. Cisco Stealthwatch

  B. Cisco Umbrella

  C. Cisco Firepower

  D. NGIPS

  Correct Answer: B

  Cisco Umbrella protects users from accessing malicious domains by proactively analyzing and blocking unsafe destinations ?before a connection is ever made. Thus it can protect from phishing attacks by blocking suspicious domains when users click on the given links that an attacker sent. Cisco Umbrella roaming protects your employees even when they are off the VPN.

• Question 602:

  Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

  A. Correlation

  B. Intrusion

  C. Access Control

  D. Network Discovery

  Correct Answer: D

  Reference:

  https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc- configguide-v64/introduction_to_network_discovery_and_identity.html

• Question 603:

  Which two descriptions of AES encryption are true? (Choose two)

  A. AES is less secure than 3DES.

  B. AES is more secure than 3DES.

  C. AES can use a 168-bit key for encryption.

  D. AES can use a 256-bit key for encryption.

  E. AES encrypts and decrypts a key three times in sequence.

  Correct Answer: BD

  https://gpdb.docs.pivotal.io/43190/admin_guide/topics/ipsec.html

• Question 604:

  On which part of the IT environment does DevSecOps focus?

  A. application development

  B. wireless network

  C. data center

  D. perimeter network

  Correct Answer: A

• Question 605:

  Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)

  A. exploits

  B. ARP spoofing

  C. denial-of-service attacks

  D. malware

  E. eavesdropping

  Correct Answer: AD

  Malware means "malicious software", is any software intentionally designed to cause damage to a computer, server, client, or computer network. The most popular types of malware includes viruses, ransomware and spyware. Virus Possibly

  the most common type of malware, viruses attach their malicious code to clean code and wait to be run.

  Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.Spyware is spying software that can secretly record everything you enter, upload,

  download, and store on your computers or mobile devices. Spyware always tries to keep itself hidden.An exploit is a code that takes advantage of a software vulnerability or security flaw.Exploits and malware are two risks for endpoints that

  are not up to date. ARP spoofing and eavesdropping are attacks against the network while denial-of-service attack is based on the flooding of IP packets.

• Question 606:

  What Cisco command shows you the status of an 802.1X connection on interface gi0/1?

  A. show authorization status

  B. show authen sess int gi0/1

  C. show connection status gi0/1

  D. show ver gi0/1

  Correct Answer: B

• Question 607:

  An engineer needs a solution for TACACS+ authentication and authorization for device administration.

  The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth. Which product meets all of these requirements?

  A. Cisco Prime Infrastructure

  B. Cisco Identity Services Engine

  C. Cisco Stealthwatch

  D. Cisco AMP for Endpoints

  Correct Answer: B

• Question 608:

  Which two capabilities does TAXII support? (Choose two)

  A. Exchange

  B. Pull messaging

  C. Binding

  D. Correlation

  E. Mitigating

  Correct Answer: AB

  https://docs.oasis-open.org/cti/taxii/v1.1.1/taxii-v1.1.1-part1-overview.html

  "There are three Capabilities that the current version of TAXII supports: push messaging, pull messaging, and discovery." "Discovery does, however, allow for the automated exchange of information..."

• Question 609:

  Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?

  A. 3DES

  B. RSA

  C. DES

  D. AES

  Correct Answer: B

  Compared to RSA, the prevalent public-key cryptography of the Internet today, Elliptic Curve Cryptography (ECC) offers smaller key sizes, faster computation,as well as memory, energy and bandwidth savings and is thus better suited forsmall devices.

• Question 610:

  Which action controls the amount of URI text that is stored in Cisco WSA logs files?

  A. Configure the datasecurityconfig command

  B. Configure the advancedproxyconfig command with the HTTPS subcommand

  C. Configure a small log-entry size.

  D. Configure a maximum packet size.

  Correct Answer: B