350-701 Exam Dumps - Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)

Explanation

Vendors, security researchers, and vulnerability coordination centers typically assign vulnerabilities an identifier that’s disclosed to the public. This identifier is known as the Common Vulnerabilities and Exposures (CVE).

CVE is an industry-wide standard. CVE is sponsored by US-CERT, the office of Cybersecurity and

Communications at the U.S. Department of Homeland Security.

The goal of CVE is to make it’s easier to share data across tools, vulnerability repositories, and security

services.

 Firepower NGIPS inline deployment mode is a mode where the NGIPS device is placed in the traffic path and can take actions such as blocking, modifying, or redirecting traffic based on the policies and rules. In this mode, the NGIPS device must have inline interface pairs configured, which are pairs of physical or logical interfaces that act as a single logical interface. The inline interface pairs are connected to the network devices on both sides of the NGIPS device, and the traffic flows through the NGIPS device from one interface to the other. The NGIPS device can inspect and modify the traffic as it passes through the inline interface pairs12. References := 1: Firepower Management Center Configuration Guide, Version 6.6 - Device Management Basics 2: Configure FTD Interfaces in Inline-Pair Mode

Explanation

Explanation

Storm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on one of the physical interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation, mistakes in network configurations, or users issuing a denial-of-service attack can cause a storm.

By using the “storm-control broadcast level [falling-threshold]” we can limit the broadcast traffic on the switch.

Cross-site scripting (XSS) is the method of attack that is used by a hacker to send malicious code through a web application to an unsuspecting user to request that the victim’s web browser executes the code. XSS is a type of injection attack that exploits the lack of input validation or output encoding in a web application. An attacker can craft a malicious script and embed it in a web page or a URL that is sent to the user. When the user visits the web page or clicks the URL, the script is executed by the user’s browser, which may not be able to distinguish it from legitimate code. The script can then perform various actions, such as stealing cookies, session tokens, or other sensitive information, redirecting the user to a malicious site, or performing actions on behalf of the user12. The other options are not correct, because they are not methods of attack that use web applications to execute malicious code on the user’s browser. Buffer overflow is a type of attack that exploits a memory vulnerability in a program or system, where an attacker can overwrite the memory beyond the allocated buffer and execute arbitrary code3. Browser WGET is a command-line tool that can be used to download files from the web, but it is not an attack method by itself4. SQL injection is a type of attack that exploits a database vulnerability in a web application, where an attacker can inject malicious SQL statements into a user input field and execute them on the database server5. References:

1: What is Cross-Site Scripting (XSS)? - Cisco

2: Cross-Site Scripting (XSS) - OWASP

3: What is a Buffer Overflow? - Cisco

4: GNU Wget 1.21.1 Manual

5: What is SQL Injection (SQLi)? - Cisco

AES encryption is a symmetric block cipher algorithm that uses a single key to encrypt and decrypt data. It is more secure than 3DES, which is an older and slower algorithm that encrypts and decrypts a key three times in sequence. AES can use different key sizes, such as 128, 192, or 256 bits, depending on the security level required. The longer the key, the more rounds of encryption and decryption are performed, making it harder to break. AES encryption is based on a substitution-permutation network, which consists of a series of operations that transform the input data into the output data using the key. References :=

https://www.simplilearn.com/tutorials/cryptography-tutorial/aes-encryption

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Explanation

Explanation

Cisco Cloudlock: Secure your cloud users, data, and applications with the cloud-native Cloud Access Security Broker (CASB) and cloud cybersecurity platform.

In transparent mode, the WSA can handle both explicit and transparent HTTP requests, depending on how the client browser is configured. The WSA must pretend to be the origin content server for transparent requests, since the client is unaware of the existence of a proxy1. WCCP v2 is a protocol that allows a WCCP-enabled device (such as a router or a switch) to redirect traffic to the WSA based on certain criteria, such as destination port 802. This way, the client does not need to configure a proxy or a PAC file in the browser. The other options are false because they are either required for explicit mode or not supported by the WSA. References :=

What is the difference between transparent and forward proxy mode?

Configure Transparent Redirection With WCCP in Order to Support HTTP, HTTPS, and Native FTP Traffic