Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

350-701Free trial

By cisco

Verified

25Q per page

Question 1

Which functions of an SDN architecture require southbound APIs to enable communication?

A: SDN controller and the network elements
B: management console and the SDN controller
C: management console and the cloud
D: SDN controller and the cloud

—

Question 2

Which two behavioral patterns characterize a ping of death attack? (Choose two.)

A: The attack is fragmented into groups of 16 octets before transmission.
B: The attack is fragmented into groups of 8 octets before transmission.
C: Short synchronized bursts of traffic are used to disrupt TCP connections.
D: Malformed packets are used to crash systems.
E: Publicly accessible DNS servers are typically used to execute the attack.

—

Question 3

Which information is required when adding a device to Firepower Management Center?

A: username and password
B: encryption method
C: device serial number
D: registration key

—

Question 4

What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats?

A: Cisco Umbrella
B: External Threat Feeds
C: Cisco Threat Grid
D: Cisco Stealthwatch

—

Question 5

Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?

A: aaa server radius dynamic-author
B: auth-type all
C: aaa new-model
D: ip device-tracking

—

Question 6

What is a characteristic of Firepower NGIPS inline deployment mode?

A: ASA with Firepower module cannot be deployed
B: It cannot take actions such as blocking traffic
C: It is out-of-band from traffic
D: It must have inline interface pairs configured

—

Question 7

A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance. Which ASA deployment mode meets these needs?

A: routed mode
B: multiple zone mode
C: multiple context mode
D: transparent mode

—

Question 8

What is managed by Cisco Security Manager?

A: Cisco WLC
B: Cisco ESA
C: Cisco WSA
D: Cisco ASA

—

Question 9

An organization is trying to improve their Defense in Depth by blocking malicious destinations prior to a connection being established. The solution must be able to block certain applications from being used within the network. Which product should be used to accomplish this goal?

A: Cisco Firepower
B: Cisco Umbrella
C: Cisco ISE
D: Cisco AMP

—

Question 10

An engineer notices traffic interruptions on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

A: Storm Control
B: embedded event monitoring
C: access control lists
D: Bridge Protocol Data Unit guard

—

Question 11

What is a feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?

A: Multiple NetFlow collectors are supported.
B: Advanced NetFlow v9 templates and legacy v5 formatting are supported.
C: Secure NetFlow connectors are optimized for Cisco Prime Infrastructure
D: Flow-create events are delayed.

—

Question 12

What is a key difference between Cisco Firepower and Cisco ASA?

A: Cisco Firepower provides identity based access control while Cisco ASA does not.
B: Cisco AS provides access control while Cisco Firepower does not.
C: Cisco ASA provides SSL inspection while Cisco Firepower does not.
D: Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA does not.

—

Question 13

Which two mechanisms are used to control phishing attacks? (Choose two.)

A: Enable browser alerts for fraudulent websites.
B: Define security group memberships.
C: Revoke expired CRL of the websites.
D: Use antispyware software.
E: Implement email filtering techniques.

—

Question 14

DRAG DROP -
Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.
Select and Place:

—

Question 15

What is a benefit of using Cisco FMC over Cisco ASDM?

A: Cisco FMC uses Java while Cisco ASDM uses HTML5.
B: Cisco FMC provides centralized management while Cisco ASDM does not.
C: Cisco FMC supports pushing configurations to devices while Cisco ASDM does not.
D: Cisco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA devices.

—

Question 16

Which product allows Cisco FMC to push security intelligence observable to its sensors from other products?

A: Threat Intelligence Director
B: Encrypted Traffic Analytics.
C: Cognitive Threat Analytics.
D: Cisco Talos Intelligence

—

Question 17

A Cisco FirePower administrator needs to configure a rule to allow a new application that has never been seen on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose two.)

A: permit
B: allow
C: reset
D: trust
E: monitor

—

Question 18

What is a characteristic of a bridge group in a Cisco ASA Firewall running in transparent mode?

A: It has an IP address on its BVI interface and is used for management traffic.
B: It allows ARP traffic with a single access rule.
C: It includes multiple interfaces and access rules between interfaces are customizable.
D: It is a Layer 3 segment and includes one port and customizable access rules.

—

Question 19

While using Cisco Firepower's Security Intelligence policies, which two criteria is blocking based upon? (Choose two.)

A: IP addresses
B: URLs
C: port numbers
D: protocol IDs
E: MAC addresses

—

Question 20

What features does Cisco FTDv provide over Cisco ASAv?

A: Cisco FTDv provides 1GB of firewall throughput while Cisco ASAv does not.
B: Cisco FTDv runs on VMware while Cisco ASAv does not.
C: Cisco FTDv runs on AWS while Cisco ASAv does not.
D: Cisco FTDv supports URL filtering while Cisco ASAv does not.

—

Question 21

A network engineer is deciding whether to use stateful or stateless failover when configuring two Cisco ASAs for high availability. What is the connection status in both cases?

A: need to be reestablished with stateful failover and preserved with stateless failover
B: preserved with both stateful and stateless failover
C: need to be reestablished with both stateful and stateless failover
D: preserved with stateful failover and need to be reestablished with stateless failover

—

Question 22

Which term describes when the Cisco Firepower downloads threat intelligence updates from Cisco Talos?

A: authoring
B: consumption
C: sharing
D: analysis

—

Question 23

An administrator is configuring a DHCP server to better secure their environment. They need to be able to rate-limit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

A: Set a trusted interface for the DHCP server.
B: Set the DHCP snooping bit to 1.
C: Enable ARP inspection for the required VLAN.
D: Add entries in the DHCP snooping database.

—

Question 24

Which attack is commonly associated with C and C++ programming languages?

A: cross-site scripting
B: water holing
C: DDoS
D: buffer overflow

—

Question 25

What is a prerequisite when integrating a Cisco ISE server and an AD domain?

A: Configure a common administrator account.
B: Place the Cisco ISE server and the AD server in the same subnet.
C: Synchronize the clocks of the Cisco ISE server and the AD server.
D: Configure a common DNS server.

—

Page 1 of 27 • Questions 1-25 of 651

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!