Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

350-701Free trial

By cisco

Verified

25Q per page

Question 101

Which Talos reputation center allows you to track the reputation of IP addresses for email and web traffic?

A: IP Block List Center
B: File Reputation Center
C: AMP Reputation Center
D: IP and Domain Reputation Center

—

Question 102

What is the primary role of the Cisco Email Security Appliance?

A: Mail Submission Agent
B: Mail Transfer Agent
C: Mail Delivery Agent
D: Mail User Agent

—

Question 103

Which two services must remain as on-premises equipment when a hybrid email solution is deployed? (Choose two.)

A: DDoS
B: antispam
C: antivirus
D: encryption
E: DLP

—

Question 104

An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to prevent the session during the initial TCP communication?

A: Configure the Cisco ESA to reset the TCP connection.
B: Configure policies to stop and reject communication.
C: Configure the Cisco ESA to drop the malicious emails.
D: Configure policies to quarantine malicious emails.

—

Question 105

Refer to the exhibit. What is a result of the configuration?

A: Traffic from the DMZ network is redirected.
B: Traffic from the inside network is redirected.
C: All TCP traffic is redirected.
D: Traffic from the inside and DMZ networks is redirected.

—

Question 106

An organization received a large amount of SPAM messages over a short time period. In order to take action on the messages, it must be determined how harmful the messages are and this needs to happen dynamically. What must be configured to accomplish this?

A: Configure the Cisco WSA to modify policies based on the traffic seen.
B: Configure the Cisco ESA to modify policies based on the traffic seen.
C: Configure the Cisco WSA to receive real-time updates from Cisco Talos.
D: Configure the Cisco ESA to receive real-time updates from Cisco Talos.

—

Question 107

What are two differences between a Cisco WSA that is running in transparent mode and one running in explicit mode? (Choose two.)

A: The Cisco WSA responds with its own IP address only if it is running in explicit mode.
B: The Cisco WSA is configured in a web browser only if it is running in transparent mode.
C: The Cisco WSA responds with its own IP address only if it is running in transparent mode.
D: The Cisco WSA uses a Layer 3 device to redirect traffic only if it is running in transparent mode.
E: When the Cisco WSA is running in transparent mode, it uses the WSA's own IP address as the HTTP request destination.

—

Question 108

Which technology is used to improve web traffic performance by proxy caching?

A: WSA
B: Firepower
C: FireSIGHT
D: ASA

—

Question 109

Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?

A: transparent
B: redirection
C: forward
D: proxy gateway

—

Question 110

Which two request methods of REST API are valid on the Cisco ASA Platform? (Choose two.)

A: put
B: options
C: get
D: push
E: connect

—

Question 111

How does Cisco Advanced Phishing Protection protect users?

A: It utilizes sensors that send messages securely.
B: It uses machine learning and real-time behavior analytics.
C: It validates the sender by using DKIM.
D: It determines which identities are perceived by the sender.

—

Question 112

What is the purpose of the Decrypt for Application Detection feature within the WSA Decryption options?

A: It decrypts HTTPS application traffic for unauthenticated users.
B: It alerts users when the WSA decrypts their traffic.
C: It decrypts HTTPS application traffic for authenticated users.
D: It provides enhanced HTTPS application detection for AsyncOS.

—

Question 113

A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?

A: The ESA immediately makes another attempt to upload the file.
B: The file upload is abandoned.
C: AMP calculates the SHA-256 fingerprint, caches it, and periodically attempts the upload.
D: The file is queued for upload when connectivity is restored

—

Question 114

An engineer is configuring a Cisco ESA and wants to control whether to accept or reject email messages to a recipient address.
Which list contains the allowed recipient addresses?

A: SAT
B: BAT
C: HAT
D: RAT

—

Question 115

Why would a user choose an on-premises ESA versus the CES solution?

A: Sensitive data must remain onsite.
B: Demand is unpredictable.
C: The server team wants to outsource this service.
D: ESA is deployed inline.

—

Question 116

Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two.)

A: Sophos engine
B: white list
C: RAT
D: outbreak filters
E: DLP

—

Question 117

After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?

A: Modify web proxy settings.
B: Modify outbound malware scanning policies.
C: Modify identification profiles.
D: Modify an access policy.

—

Question 118

An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?

A: Configure Directory Harvest Attack Prevention
B: Bypass LDAP access queries in the recipient access table.
C: Use Bounce Verification.
D: Configure incoming content filters.

—

Question 119

In which two ways does a system administrator send web traffic transparently to the Cisco WSA? (Choose two.)

A: use Web Cache Communication Protocol
B: configure AD Group Policies to push proxy settings
C: configure the proxy IP address in the web-browser settings
D: configure policy-based routing on the network infrastructure
E: reference a Proxy Auto Config file

—

Question 120

What is the function of the Context Directory Agent?

A: reads the AD logs to map IP addresses to usernames
B: relays user authentication requests from Cisco WSA to AD
C: maintains users' group memberships
D: accepts user authentication requests on behalf of Cisco WSA for user identification

—

Question 121

A network administrator is configuring a rule in an access control policy to block certain URLs and selects the Chat and Instant Messaging category. Which reputation score should be selected to accomplish this goal?

A: 5
B: 10
C: 3
D: 1

—

Question 122

How does DNS Tunneling exfiltrate data?

A: An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection.
B: An attacker opens a reverse DNS shell to get into the client's system and install malware on it.
C: An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain.
D: An attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions.

—

Question 123

A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?

A: The policy was created to send a message to quarantine instead of drop.
B: The file has a reputation score that is below the threshold.
C: The file has a reputation score that is above the threshold.
D: The policy was created to disable file analysis.

—

Question 124

An organization has a Cisco ESA set up with DLP policies and would like to customize the action assigned for violations. The organization wants a copy of the message to be delivered with a message added to flag it as a DLP violation. Which actions must be performed in order to provide this capability?

A: deliver and add disclaimer text
B: quarantine and send a DLP violation notification
C: quarantine and alter the subject header with a DLP violation
D: deliver and send copies to other recipients

—

Question 125

A Cisco ESA administrator has been tasked with configuring the Cisco ESA to ensure there are no viruses before quarantined emails are delivered. In addition, delivery of mail from known bad mail servers must be prevented. Which two actions must be taken in order to meet these requirements? (Choose two.)

A: Deploy the Cisco ESA in the DMZ.
B: Use outbreak filters from SenderBase.
C: Configure a recipient access table.
D: Enable a message tracking service.
E: Scan quarantined emails using AntiVirus signatures.

—

Page 5 of 27 • Questions 101-125 of 651

←

3 4 5 6 7

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!