350-701 Exam Dumps - Implementing and Operating Cisco Security Core Technologies (SCOR)
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA
command must be used?
Which license is required for Cisco Security Intelligence to work on the Cisco Next Generation Intrusion
Prevention System?
The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic. Where must the
ASA be added on the Cisco UC Manager platform?
How many interfaces per bridge group does an ASA bridge group deployment support?
An organization has a Cisco Stealthwatch Cloud deployment in their environment. Cloud logging is working as expected, but logs are not being received from the on-premise network, what action will resolve this issue?
An organization is trying to implement micro-segmentation on the network and wants to be able to gain visibility on the applications within the network. The solution must be able to maintain and force compliance. Which product should be used to meet these requirements?
Which Cisco platform ensures that machines that connect to organizational networks have the recommended
antivirus definitions and patches to help prevent an organizational malware outbreak?
An engineer is trying to securely connect to a router and wants to prevent insecure algorithms from being used.
However, the connection is failing. Which action should be taken to accomplish this goal?
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware?
(Choose two)
What can be integrated with Cisco Threat Intelligence Director to provide information about security threats,
which allows the SOC to proactively automate responses to those threats?
Which two risks is a company vulnerable to if it does not have a well-established patching solution for
endpoints? (Choose two)
Elliptic curve cryptography is a stronger more efficient cryptography method meant to replace which current
encryption technology?
Which component of Cisco umbrella architecture increases reliability of the service?
Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)
What is the purpose of the certificate signing request when adding a new certificate for a server?
An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites
but other sites are not accessible due to an error. Why is the error occurring?
With which components does a southbound API within a software-defined network architecture communicate?
In which two ways does Easy Connect help control network access when used with Cisco TrustSec? (Choose two)
An engineer has enabled LDAP accept queries on a listener. Malicious actors must be prevented from quickly
identifying all valid recipients. What must be done on the Cisco ESA to accomplish this goal?
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system’s applications. Which
vulnerability allows the attacker to see the passwords being transmitted in clear text?
Drag and drop the solutions from the left onto the solution's benefits on the right.
Which cryptographic process provides origin confidentiality, integrity, and origin authentication for packets?
Refer to the exhibit.
When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to
utilize an external token authentication mechanism in conjunction with AAA authentication using machine
certificates. Which configuration item must be modified to allow this?
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps.
Which two actions must be taken to ensure that interfaces are put back into service? (Choose two)
Which security solution uses NetFlow to provide visibility across the network, data center, branch
offices, and cloud?
An organization must add new firewalls to its infrastructure and wants to use Cisco ASA or Cisco FTD.
The chosen firewalls must provide methods of blocking traffic that include offering the user the option
to bypass the block for certain sites after displaying a warning page and to reset the connection. Which
solution should the organization choose?
What is the difference between Cross-site Scripting and SQL Injection, attacks?
Drag and drop the suspicious patterns for the Cisco Tetration platform from the left onto the correct definitions on the right.
Drag and drop the NetFlow export formats from the left onto the descriptions on the right.
Using Cisco Firepower’s Security Intelligence policies, upon which two criteria is Firepower block based?
(Choose two)
A Cisco Firepower administrator needs to configure a rule to allow a new application that has never been seen
on the network. Which two actions should be selected to allow the traffic to pass without inspection? (Choose
two)
A user has a device in the network that is receiving too many connection requests from multiple machines.
Which type of attack is the device undergoing?
What is a prerequisite when integrating a Cisco ISE server and an AD domain?
Which kind of API that is used with Cisco DNA Center provisions SSIDs, QoS policies, and update software versions on switches?
Which industry standard is used to integrate Cisco ISE and pxGrid to each other and with other
interoperable security platforms?
An organization wants to implement a cloud-delivered and SaaS-based solution to provide visibility and threat detection across the AWS network. The solution must be deployed without software agents and rely on AWS VPC flow logs instead. Which solution meets these requirements?
What are two characteristics of the RESTful architecture used within Cisco DNA Center? (Choose two.)
An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one?
Drag and drop the descriptions from the left onto the encryption algorithms on the right.
A network engineer must migrate a Cisco WSA virtual appliance from one physical host to another physical host by using VMware vMotion. What is a requirement for both physical hosts?
Drag and drop the posture assessment flow actions from the left into a sequence on the right.
Refer to the exhibit.
Which statement about the authentication protocol used in the configuration is true?
Which benefit does endpoint security provide the overall security posture of an organization?
Which VPN technology can support a multivendor environment and secure traffic between sites?
Which cloud service model offers an environment for cloud consumers to develop and deploy applications
without needing to manage or maintain the underlying cloud infrastructure?
Which technology must be used to implement secure VPN connectivity among company branches over a
private IP cloud with any-to-any scalable connectivity?
Which ID store requires that a shadow user be created on Cisco ISE for the admin login to work?
Which two deployment model configurations are supported for Cisco FTDv in AWS? (Choose two)
An engineer must force an endpoint to re-authenticate an already authenticated session without disrupting the
endpoint to apply a new or updated policy from ISE. Which CoA type achieves this goal?
A customer has various external HTTP resources available including Intranet. Extranet, and Internet, with a proxy configuration running in explicit mode Which method allows the client desktop browsers to be configured to select when to connect direct or when to use the proxy?
An engineer needs to configure an access control policy rule to always send traffic for inspection without
using the default action. Which action should be configured for this rule?
What is a benefit of using Cisco CWS compared to an on-premises Cisco WSA?
Refer to the exhibit.
Which configuration item makes it possible to have the AAA session on the network?
An engineer is configuring their router to send NetfFow data to Stealthwatch which has an IP address of 1 1 11 using the flow record Stea!thwatch406397954 command Which additional command is required to complete the flow record?
An administrator needs to configure the Cisco ASA via ASDM such that the network management system
can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration?
(Choose two.)
An engineer configures new features within the Cisco Umbrella dashboard and wants to identify and proxy traffic that is categorized as risky domains and may contain safe and malicious content. Which action accomplishes these objectives?
What are two advantages of using Cisco Any connect over DMVPN? (Choose two)
Which posture assessment requirement provides options to the client for remediation and requires the
remediation within a certain timeframe?
Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access?
A network engineer must monitor user and device behavior within the on-premises network. This data must be sent to the Cisco Stealthwatch Cloud analytics platform for analysis. What must be done to meet this
requirement using the Ubuntu-based VM appliance deployed in a VMware-based hypervisor?