What are two Detection and Analytics Engines of Cognitive Threat Analytics? (Choose two)
A. data exfiltration
B. command and control communication
C. intelligent proxy
D. snort
E. URL categorization
Which Cisco AMP file disposition valid?
A. pristine
B. malware
C. dirty
D. non malicious
Which benefit does endpoint security provide the overall security posture of an organization?
A. It streamlines the incident response process to automatically perform digital forensics on the endpoint.
B. It allows the organization to mitigate web-based attacks as long as the user is active in the domain.
C. It allows the organization to detect and respond to threats at the edge of the network.
D. It allows the organization to detect and mitigate threats that the perimeter security devices do not detect.
An administrator needs to be able to have a router securely communicate with a network management system. The connections must be authenticated but not encrypted. While meeting these requirements, which command will create a group that allows a user on the network management system access to the router?
A. snmp-server group v3 auth
B. snmp-server group v3 priv write
C. snmp-server group v2c
D. snmp-server group v2c write
Which algorithm does ISAKMP use to securely derive encryption and integrity keys?
A. RSA
B. AES
C. 3DES
D. Diffie-Hellman
An organization wants to reduce their attack surface for cloud applications. They want to understand application communications, detect abnormal application behavior, and detect vulnerabilities within the applications. Which action accomplishes this task?
A. Configure Cisco Tetration to detect anomalies and vulnerabilities.
B. Modify the Cisco Duo configuration to restrict access between applications.
C. Use Cisco ISE to provide application visibility and restrict access to them.
D. Implement Cisco Umbrella to control the access each application is granted.
An organization is using CSR1000v routers in their private cloud infrastructure. They must upgrade their code to address vulnerabilities within their running code version. Who is responsible for these upgrades?
A. The organization must update the code for the devices they manage.
B. The cloud vendor is responsible for updating all code hosted in the cloud.
C. The cloud service provider must be asked to perform the upgrade.
D. The CSR1000v is upgraded automatically as new code becomes available.
Which common threat can be prevented by implementing port security on switch ports?
A. VLAN hopping attacks
B. spoofing attacks
C. denial-of-service attacks
D. eavesdropping attacks
What describes the function of the crypto isakmp key C1$c451090787 address 0.0.0.0 0.0.0.0 command when configuring an IPsec VPN tunnel on a Cisco IOS router?
A. It allows connections from any hosts using the defined preshared key.
B. It defines that all data is going to be encrypted via the VPN.
C. It configures the IP address and subnet mask of the VPN server.
D. It drops spoofed VPN traffic using 0.0.0.0 as the source or destination IP address.
Which Cisco AnyConnect module is integrated with Splunk Enterprise to provide monitoring capabilities to administrators to allow them to view endpoint application usage?
A. AMP Enabler
B. Umbrella Roaming Security
C. ISE Posture
D. Network Visibility
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-701 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.