350-701 exam

An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group . Which probe must be enabled for this type of profiling to work?A . NetFlowB . NMAPC . SNMPD . DHCPView AnswerAnswer: B Explanation: Reference: http://www.network-node.com/blog/2016/1/2/ise-20-profiling

Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System?A . controlB . malwareC . URL filteringD . protectView AnswerAnswer: D

What is a characteristic of traffic storm control behavior?A . Traffic storm control drops all broadcast and multicast traffic if the combined traffic exceeds the level within the interval.B . Traffic storm control cannot determine if the packet is unicast or broadcast.C . Traffic storm control monitors incoming traffic levels...

Which VPN technology can support a multivendor environment and secure traffic between sites?A . SSL VPNB . GET VPNC . FlexVPND . DMVPNView AnswerAnswer: C Explanation: FlexVPN is an IKEv2-based VPN technology that provides several benefits beyond traditional site-to-site VPN implementations. FlexVPN is a standards-based solution that can interoperate with...

When using Cisco AMP for Networks which feature copies a file to the Cisco AMP cloud for analysis?A . Spero analysisB . dynamic analysisC . sandbox analysisD . malware analysisView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guidev60/Reference_a_wrapper_Chapter_topic_here.html-> Spero analysis only uploads the signature of the (executable) files to the AMP cloud. It...

Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent? (Choose two)A . Outgoing traffic is allowed so users can communicate with outside organizations.B . Malware infects the messenger application on the user endpoint to send company data.C . Traffic is encrypted, which prevents visibility on...

An engineer needs a solution for TACACS+ authentication and authorization for device administration. The engineer also wants to enhance wired and wireless network security by requiring users and endpoints to use 802.1X, MAB, or WebAuth . Which product meets all of these requirements?A . Cisco Prime InfrastructureB . Cisco Identity...

When wired 802.1X authentication is implemented, which two components are required? (Choose two)A . authentication server: Cisco Identity Service EngineB . supplicant: Cisco AnyConnect ISE Posture moduleC . authenticator: Cisco Catalyst switchD . authenticator: Cisco Identity Services EngineE . authentication server: Cisco Prime InfrastructureView AnswerAnswer: A,C

Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?A . RSA SecureIDB . Internal DatabaseC . Active DirectoryD . LDAPView AnswerAnswer: C

Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?A . CorrelationB . IntrusionC . Access ControlD . Network DiscoveryView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/introduction_to_network_discovery_and_identity.html