CCNP Security Certification Exam 350-701 SCOR Real Study Guide

Regina2021-07-28T07:35:32+00:00

By Regina CCNP Security, Cisco, Free Questions Online 350-701, 350-701 free questions, 350-701 study guide

The core exam of CCNP Security certification, 350-701 Implementing and Operating Cisco Security Core Technologies (SCOR) exam is the must exam for CCNP Security candidates. To make sure you can be familiar with actual 350-701 SCOR exam questions, we have new 350-701 SCOR real study guide online. Trust ITExamShop CCNP Security Certification Exam 350-701 SCOR Real Study Guide now, we ensure that you will pass 350-701 SCOR exam and earn CCNP Security certification in the first attempt.

Read Free Questions Below To Check 350-701 SCOR Real Study Guide

Page 1 of 6

1. In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?

Smurf

distributed denial of service

cross-site scripting

rootkit exploit

2. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

user input validation in a web page or web application

Linux and Windows operating systems

database

web page images

3. Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)

Check integer, float, or Boolean string parameters to ensure accurate values.

Use prepared statements and parameterized queries.

Secure the connection between the web and the app tier.

Write SQL code instead of using object-relational mapping libraries.

Block SQL code execution in the web application database login.

4. Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two)

Patch for cross-site scripting.

Perform backups to the private cloud.

Protect against input validation and character escapes in the endpoint.

Install a spam and virus email filter.

Protect systems with an up-to-date antimalware program.

5. Which two mechanisms are used to control phishing attacks? (Choose two)

Enable browser alerts for fraudulent websites.

Define security group memberships.

Revoke expired CRL of the websites.

Use antispyware software.

Implement email filtering techniques.

6. Which two behavioral patterns characterize a ping of death attack? (Choose two)

The attack is fragmented into groups of 16 octets before transmission.

The attack is fragmented into groups of 8 octets before transmission.

Short synchronized bursts of traffic are used to disrupt TCP connections.

Malformed packets are used to crash systems.

Publicly accessible DNS servers are typically used to execute the attack.

7. Which two preventive measures are used to control cross-site scripting? (Choose two)

Enable client-side scripts on a per-domain basis.

Incorporate contextual output encoding/escaping.

Disable cookie inspection in the HTML inspection engine.

Run untrusted HTML input through an HTML sanitization engine.

Same Site cookie attribute should not be used.

8. What is the difference between deceptive phishing and spear phishing?

Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.

A spear phishing campaign is aimed at a specific person versus a group of people.

Spear phishing is when the attack is aimed at the C-level executives of an organization.

Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.

9. Which attack is commonly associated with C and C++ programming languages?

cross-site scripting

water holing

DDoS

buffer overflow

10. What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?

STIX

XMPP

pxGrid

SMTP

Page 2 of 6

11. Which two capabilities does TAXII support? (Choose two)

Exchange

Pull messaging

Binding

Correlation

Mitigating

12. Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)

exploits

ARP spoofing

denial-of-service attacks

malware

eavesdropping

13. Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?

url

terminal

profile

selfsigned

14. What are two rootkit types? (Choose two)

registry

virtual

bootloader

user mode

buffer mode

15. Which form of attack is launched using botnets?

EIDDOS

virus

DDOS

TCP flood

16. Which threat involves software being used to gain unauthorized access to a computer system?

virus

NTP amplification

ping of death

HTTP flood

17. Which type of attack is social engineering?

trojan

phishing

malware

MITM

18. Which two key and block sizes are valid for AES? (Choose two)

64-bit block size, 112-bit key length

64-bit block size, 168-bit key length

128-bit block size, 192-bit key length

128-bit block size, 256-bit key length

192-bit block size, 256-bit key length

19. Which two descriptions of AES encryption are true? (Choose two)

AES is less secure than 3DE

AES is more secure than 3DE

AES can use a 168-bit key for encryption.

AES can use a 256-bit key for encryption.

AES encrypts and decrypts a key three times in sequence.

20. Which algorithm provides encryption and authentication for data plane communication?

AES-GCM

SHA-96

AES-256

SHA-384

Page 3 of 6

21. Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current encryption technology?

3DES

RSA

DES

AES

22. What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?

authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX

authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX

authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key ciscXXXXXXXX

secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX

23. Which technology must be used to implement secure VPN connectivity among company branches over a private IP cloud with any-to-any scalable connectivity?

DMVPN

FlexVPN

IPsec DVTI

GET VPN

24. Which two conditions are prerequisites for stateful failover for IPsec? (Choose two)

Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically

The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.

The IPsec configuration that is set up on the active device must be duplicated on the standby device

Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.

The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.

25. Which VPN technology can support a multivendor environment and secure traffic between sites?

SSL VPN

GET VPN

FlexVPN

DMVPN

26. A network engineer is configuring DMVPN and entered the crypto isakmp key cisc0380739941 address 0.0.0.0 command on hostA. The tunnel is not being established to hostB .

What action is needed to authenticate the VPN?

Change isakmp to ikev2 in the command on host

Enter the command with a different password on host

Enter the same command on host

Change the password on hostA to the default password.

27. Refer to the exhibit.

A network administrator configured a site-to-site VPN tunnel between two Cisco IOS routers, and hosts are unable to communicate between two sites of VPN. The network administrator runs the debug crypto isakmp sa command to track VPN status .

What is the problem according to this command output?

hashing algorithm mismatch

encryption algorithm mismatch

authentication key mismatch

interesting traffic was not applied

28. What is a difference between FlexVPN and DMVPN?

DMVPN uses IKEv1 or IKEv2, FlexVPN only uses IKEv1

DMVPN uses only IKEv1 FlexVPN uses only IKEv2

FlexVPN uses IKEv2, DMVPN uses IKEv1 or IKEv2

FlexVPN uses IKEv1 or IKEv2, DMVPN uses only IKEv2

29. Which protocol provides the strongest throughput performance when using Cisco AnyConnect VPN?

TLSv1.2

TLSv1.1

BJTLSv1

DTLSv1

30. What is a commonality between DMVPN and FlexVPN technologies?

FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes

FlexVPN and DMVPN use the new key management protocol

FlexVPN and DMVPN use the same hashing algorithms

IOS routers run the same NHRP code for DMVPN and FlexVPN

Page 4 of 6

31. The main function of northbound APIs in the SDN architecture is to enable communication between which two areas of a network?

SDN controller and the cloud

management console and the SDN controller

management console and the cloud

SDN controller and the management solution

32. Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two)

accounting

assurance

automation

authentication

encryption

33. Which functions of an SDN architecture require southbound APIs to enable communication?

SDN controller and the network elements

management console and the SDN controller

management console and the cloud

SDN controller and the cloud

34. Which API is used for Content Security?

NX-OS API

IOS XR API

OpenVuln API

AsyncOS API

35. Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)

put

options

get

push

connect

36. Refer to the exhibit.

What is the result of this Python script of the Cisco DNA Center API?

adds authentication to a switch

adds a switch to Cisco DNA Center

receives information about a switch

37. Refer to the exhibit.

What does the API do when connected to a Cisco security appliance?

get the process and PID information from the computers in the network

create an SNMP pull mechanism for managing AMP

gather network telemetry information from AMP for endpoints

gather the network interface information about the computers AMP sees

38. Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?

Security Intelligence

Impact Flags

Health Monitoring

URL Filtering

39. Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)

Cisco FTDv configured in routed mode and managed by an FMCv installed in AWS

Cisco FTDv with one management interface and two traffic interfaces configured

Cisco FTDv configured in routed mode and managed by a physical FMC appliance on premises

Cisco FTDv with two management interfaces and one traffic interface configured

Cisco FTDv configured in routed mode and IPv6 configured

40. Which option is the main function of Cisco Firepower impact flags?

They alert administrators when critical events occur.

They highlight known and suspected malicious IP addresses in reports.

They correlate data about intrusions and vulnerability.

They identify data that the ASA sends to the Firepower module.

Page 5 of 6

41. On Cisco Firepower Management Center, which policy is used to collect health modules alerts from managed devices?

health policy

system policy

correlation policy

access control policy

health awareness policy

42. Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion Prevention System?

control

malware

URL filtering

protect

43. Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)

Port

Rule

Source

Application

Protocol

44. Which feature is configured for managed devices in the device platform settings of the Firepower Management Center?

quality of service

time synchronization

network address translations

intrusion policy

45. Which information is required when adding a device to Firepower Management Center?

username and password

encryption method

device serial number

registration key

46. Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)

transparent mode

routed mode

inline mode

active mode

passive monitor-only mode

47. The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic.

Where must the ASA be added on the Cisco UC Manager platform?

Certificate Trust List

Endpoint Trust List

Enterprise Proxy Service

Secured Collaboration Proxy

48. Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

To view bandwidth usage for NetFlow records, the QoS feature must be enabled.

A sysopt command can be used to enable NSEL on a specific interface.

NSEL can be used without a collector configured.

A flow-export event type must be defined under a policy.

49. Which feature is supported when deploying Cisco ASAv within AWS public cloud?

multiple context mode

user deployment of Layer 3 networks

IPv6

clustering

50. Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?

It allows traffic if it does not meet the profile.

It defines a traffic baseline for traffic anomaly deduction.

It inspects hosts that meet the profile with more intrusion rules.

It blocks traffic if it does not meet the profile.

Page 6 of 6

51. Which statement about IOS zone-based firewalls is true?

An unassigned interface can communicate with assigned interfaces

Only one interface can be assigned to a zone.

An interface can be assigned to multiple zones.

An interface can be assigned only to one zone.

52. What is a characteristic of Cisco ASA Netflow v9 Secure Event Logging?

It tracks flow-create, flow-teardown, and flow-denied events.

It provides stateless IP flow tracking that exports all records of a specific flow.

It tracks the flow continuously and provides updates every 10 seconds.

Its events match all traffic classes in parallel.

53. Which CLI command is used to register a Cisco FirePower sensor to Firepower Management Center?

configure system add <host><key>

configure manager <key> add host

configure manager delete

configure manager add <host><key>

54. Which policy is used to capture host information on the Cisco Firepower Next Generation Intrusion Prevention System?

Correlation

Intrusion

Access Control

Network Discovery

55. Which ASA deployment mode can provide separation of management on a shared appliance?

DMZ multiple zone mode

transparent firewall mode

multiple context mode

routed mode

56. Refer to the exhibit .

What is a result of the configuration?

Traffic from the DMZ network is redirected

Traffic from the inside network is redirected

All TCP traffic is redirected

Traffic from the inside and DMZ networks is redirected

57. Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?

Group Policy

Access Control Policy

Device Management Policy

Platform Service Policy

58. Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)

Enable NetFlow Version 9.

Create an ACL to allow UDP traffic on port 9996.

Apply NetFlow Exporter to the outside interface in the inbound direction.

Create a class map to match interesting traffic.

Define a NetFlow collector by using the flow-export command.

59. A mall provides security services to customers with a shared appliance. The mall wants separation of management on the shared appliance .

Which ASA deployment mode meets these needs?

routed mode

transparent mode

multiple context mode

multiple zone mode

60. What is a characteristic of Firepower NGIPS inline deployment mode?

ASA with Firepower module cannot be deployed.

It cannot take actions such as blocking traffic.

It is out-of-band from traffic.

It must have inline interface pairs configured.

Welcome To Choose Required IT Certification Exams Online

CCNP Security Certification Exam 350-701 SCOR Real Study Guide

Read Free Questions Below To Check 350-701 SCOR Real Study Guide

Author