My Daypo


Title of test:
SCOR Q301-Q350

SCOR 350-701

(Other tests from this author)

Creation Date:


Number of questions: 50
Share the Test:
Share the Test:
Last comments
No comments about this test.
What are two things to consider when using PAC files with the Cisco WSA? (Choose two.) If the WSA host port is changed, the default port redirects web traffic to the correct port automatically. PAC files use if-else statements to determine whether to use a proxy or a direct connection for traffic between the PC and the host. The WSA hosts PAC files on port 9001 by default. The WSA hosts PAC files on port 6001 by default. By default, they direct traffic through a proxy when the PC and the host are on the same subnet.
Which IETF attribute is supported for the RADIUS CoA feature? 24 State 30 Calling-Station-ID 42 Acct-Session-ID 81 Message-Authenticator.
When a transparent authentication fails on the Web Security Appliance, which type of access does the end user get? guest limited Internet blocked full Internet.
What are two ways that the Cisco Container Platform provides value to customers who utilize cloud service providers? (Choose two.) Allows developers to create code once and deploy to multiple clouds helps maintain source code for cloud deployments manages Docker containers manages Kubernetes clusters Creates complex tasks for managing code.
DRAG DROP - Drag and drop the posture assessment flow actions from the left into a sequence on the right. Select and Place: Validate user credentials Check device compliance with the security policy Grant appropriate access to the compliant device Apply updates or take other necessary action Permit just enough for the posture assessment.
import requests client_id='a1b2c3d4e5g6h7i8j90' api_key='a1b2c3d4-e5g6-h7i8-j90-k1|lm34o5p6' Refer to the exhibit. What does the API key do while working with displays client ID HTTP authorization Imports requests HTTP authentication.
Which statement describes a serverless application? The application delivery controller in front of the server farm designates on which server the application runs each time. The application runs from an ephemeral, event-triggered, and stateless container that is fully managed by a cloud provider. The application is installed on network equipment and not on physical servers. The application runs from a containerized environment that is managed by Kubernetes or Docker Swarm.
What is a description of micro-segmentation? Environments deploy a container orchestration platform, such as Kubernetes, to manage the application delivery. Environments apply a zero-trust model and specify how applications on different servers or containers can communicate. Environments deploy centrally managed host-based firewall rules on each server or container. Environments implement private VLAN segmentation to group servers with similar applications.
Which Cisco WSA feature supports access control using URL categories? transparent user identification SOCKS proxy services web usage controls user session restrictions.
Which technology limits communication between nodes on the same network segment to individual applications? serverless infrastructure microsegmentation SaaS deployment machine-to-machine firewalling.
An engineer enabled SSL decryption for Cisco Umbrella intelligent proxy and needs to ensure that traffic is inspected without alerting end-users. Which action accomplishes this goal? Restrict access to only websites with trusted third-party signed certificates. Modify the user's browser settings to suppress errors from Cisco Umbrella. Upload the organization root CA to Cisco Umbrella. Install the Cisco Umbrella root CA onto the user's device.
What is the purpose of joining Cisco WSAs to an appliance group? All WSAs in the group can view file analysis results. The group supports improved redundancy It supports cluster operations to expedite the malware analysis process. It simplifies the task of patching multiple appliances.
Why should organizations migrate to an MFA strategy for authentication? Single methods of authentication can be compromised more easily than MFA. Biometrics authentication leads to the need for MFA due to its ability to be hacked easily. MFA methods of authentication are never compromised. MFA does not require any piece of evidence for an authentication mechanism.
Which technology should be used to help prevent an attacker from stealing usernames and passwords of users within an organization? RADIUS-based REAP fingerprinting Dynamic ARP Inspection multifactor authentication.
Which type of attack is MFA an effective deterrent for? ping of death phishing teardrop syn flood.
Which solution for remote workers enables protection, detection, and response on the endpoint against known and unknown threats? Cisco AMP for Endpoints Cisco AnyConnect Cisco Umbrella Cisco Duo.
Which two actions does the Cisco Identity Services Engine posture module provide that ensures endpoint security? (Choose two.) Assignments to endpoint groups are made dynamically, based on endpoint attributes. Endpoint supplicant configuration is deployed. A centralized management solution is deployed. Patch management remediation is performed. The latest antivirus updates are applied before access is allowed. .
What is an advantage of the Cisco Umbrella roaming client? the ability to see all traffic without requiring TLS decryption visibility into IP-based threats by tunneling suspicious IP connections the ability to dynamically categorize traffic to previously uncategorized sites visibility into traffic that is destined to sites within the office environment.
Which Cisco platform provides an agentless solution to provide visibility across the network including encrypted traffic analytics to detect malware in encrypted traffic without the need for decryption? Cisco Advanced Malware Protection Cisco Stealthwatch Cisco Identity Services Engine Cisco AnyConnect.
Which two Cisco ISE components must be configured for BYOD? (Choose two.) local WebAuth central WebAuth null WebAuth guest dual.
Which system performs compliance checks and remote wiping? MDM ISE AMP OTP.
An engineer is configuring Cisco WSA and needs to enable a separated email transfer flow from the Internet and from the LAN. Which deployment mode must be used to accomplish this goal? single interface multi-context transparent two-interface.
A network engineer is tasked with configuring a Cisco ISE server to implement external authentication against Active Directory. What must be considered about the authentication requirements? (Choose two.) RADIUS communication must be permitted between the ISE server and the domain controller. The ISE account must be a domain administrator in Active Directory to perform JOIN operations. Active Directory only supports user authentication by using MSCHAPv2. LDAP communication must be permitted between the ISE server and the domain controller. Active Directory supports user and machine authentication by using MSCHAPv2. .
Which configuration method provides the options to prevent physical and virtual endpoint devices that are in the same base EPG or uSeg from being able to communicate with each other with Vmware VDS or Microsoft vSwitch? inter-EPG isolation inter-VLAN security intra-EPG isolation placement in separate EPGs.
What are two ways a network administrator transparently identifies users using Active Directory on the Cisco WSA? (Choose two.) Create an LDAP authentication realm and disable transparent user identification. Create NTLM or Kerberos authentication realm and enable transparent user identification. Deploy a separate Active Directory agent such as Cisco Context Directory Agent. The eDirectory client must be installed on each client workstation. Deploy a separate eDirectory server; the client IP address is recorded in this server.
Which baseline form of telemetry is recommended for network infrastructure devices? SDNS NetFlow passive taps SNMP.
In which scenario is endpoint-based security the solution? inspecting encrypted traffic device profiling and authorization performing signature-based application control inspecting a password-protected archive.
Refer to the exhibit. What is the result of the Python script? It uses the POST HTTP method to obtain a username and password to be used for authentication. It uses the POST HTTP method to obtain a token to be used for authentication. It uses the GET HTTP method to obtain a token to be used for authentication. It uses the GET HTTP method to obtain a username and password to be used for authentication.
Why is it important to patch endpoints consistently? Patching reduces the attack surface of the infrastructure. Patching helps to mitigate vulnerabilities. Patching is required per the vendor contract. Patching allows for creating a honeypot.
Which two parameters are used for device compliance checks? (Choose two.) endpoint protection software version Windows registry values DHCP snooping checks DNS integrity checks device operating system version.
Which Cisco cloud security software centrally manages policies on multiple platforms such as Cisco ASA, Cisco Firepower, Cisco Meraki, and AWS? Cisco Defense Orchestrator Cisco Configuration Professional Cisco Secureworks Cisco DNAC.
Which Cisco security solution determines if an endpoint has the latest OS updates and patches installed on the system? Cisco Endpoint Security Analytics Cisco AMP for Endpoints Endpoint Compliance Scanner Security Posture Assessment Service.
Which open standard creates a framework for sharing threat intelligence in a machine-digestible format? OpenIOC OpenC2 CybOX STIX.
What is the difference between Cisco AMP for Endpoints and Cisco Umbrella? Cisco AMP for Endpoints is a cloud-based service, and Cisco Umbrella is not Cisco AMP for Endpoints automatically researches indicators of compromise and confirms threats and Cisco Umbrella does not Cisco AMP for Endpoints prevents, detects, and responds to attacks before damage can be done, and Cisco Umbrella provides the first line of defense against Internet threats Cisco AMP for Endpoints prevents connections to malicious destinations, and Cisco Umbrella works at the file level to prevent the initial execution of malware.
What are the two functionalities of northbound and southbound APIs within Cisco SDN architecture? (Choose two.) Northbound APIs utilize RESTful API methods such as GET, POST, and DELETE Southbound APIs utilize CLI, SNMP, and RESTCONF Southbound APIs are used to define how SDN controllers integrate with applications Northbound interfaces utilize OpenFlow and OpFlex to integrate with network devices Southbound interfaces utilize device configurations such as VLANs and IP addresses.
Refer to the exhibit. What is the function of the Python script code snippet for the Cisco ASA REST API? changes the hostname of the Cisco ASA adds a global rule into policies deletes a global rule from policies obtains the saved configuration of the Cisco ASA firewall.
Drag and drop the features of Cisco ASA with Firepower from the left onto the benefits on the right. Select and Place: Full Context Awareness NGIPS AMP Collective Security Intelligence.
What are two functions of secret key cryptography? (Choose two.) utilization of less memory utilization of large prime number iterations utilization of different keys for encryption and decryption key selection without integer factorization provides the capability to only know the key on one side.
Refer to the exhibit. When creating an access rule for URL filtering a network engineer adds certain categories and individual URLs to block. What is the result of the configuration? Only URLs for botnets with a reputation score of 3 will be allowed while the rest will be blocked. Only URLs for botnets with reputation scores of 1-3 will be blocked. Only URLs for botnets with reputation scores of 3-5 will be blocked. Only URLs for botnets with a reputation score of 3 will be blocked.
Which security product enables administrators to deploy Kubernetes clusters in air-gapped sites without needing Internet access? Cisco Container Controller Cisco Cloud Platform Cisco Container Platform Cisco Content Platform.
A network engineer must migrate a Cisco WSA virtual appliance from one physical host to another physical host by using VMware vMotion. What is the requirement for both physical hosts? The hosts must run Cisco AsyncOS 10.0 or greater. The hosts must run different versions of Cisco AsyncOS. The hosts must have access to the same defined network. The hosts must use a different datastore than the virtual appliance.
An engineer must modify a policy to block specific addresses using Cisco Umbrella. The policy is created already and is actively used by devices, using many of the default policy elements. What else must be done to accomplish this task? Create a destination list for addresses to be allowed or blocked Use content categories to block or allow specific addresses Add the specified addresses to the identities list and create a block action Modify the application settings to allow only applications to connect to required addresses.
What must be enabled to secure SaaS-based applications? two-factor authentication end-to-end encryption application security gateway modular policy framework.
An engineer configures new features within the Cisco Umbrella dashboard and wants to identify and proxy traffic that is categorized as risky domains and may contain safe and malicious content. Which action accomplishes these objectives? Upload the threat intelligence database to Cisco Umbrella for the most current information on reputations and to have the destination lists block them Configure URL filtering within Cisco Umbrella to track the URLs and proxy the requests for those categories and below Create a new site within Cisco Umbrella to block requests from those categories so they can be sent to the proxy device Configure intelligent proxy within Cisco Umbrella to intercept and proxy the requests for only those categories.
An engineer is configuring Cisco Umbrella and has an identity that references two different policies. Which action ensures that the policy that the identity must use takes precedence over the second one? Place the policy with the most-specific configuration last in the policy order Configure the default policy to redirect the requests to the correct policy Make the correct policy first in the policy order Configure only the policy with the most recently changed timestamp.
A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest access and must have the guest endpoints redirect to the guest portal for authentication and authorization. While testing the policy, the engineer notices that the device is not redirected and instead gets full guest access. What must be done for the redirect to work? Tag the guest portal in the CWA part of the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit. Create an advanced attribute setting of Cisco:cisco-gateway-id=guest within the authorization profile for the authorization policy line that the unauthenticated devices hit. Add the DACL name for the Airespace ACL configured on the WLC in the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit. Use the track movement option within the authorization profile for the authorization policy line that the unauthenticated devices hit.
What is the intent of a basic SYN flood attack? to solicit DNS responses to flush the register stack to re-initiate the buffers to exceed the threshold limit of the connection queue to cause the buffer to overflow.
What is an advantage of network telemetry over SNMP pulls? security scalability accuracy encapsulation.
Which security solution protects users leveraging DNS-layer security? Cisco ISE Cisco Umbrella Cisco ASA Cisco FTD.
What are the two functions of TAXII in threat intelligence sharing? (Choose two.) allows users to describe threat motivations and abilities determines how threat intelligence information is relayed determines the "what" of threat intelligence exchanges trusted anomaly intelligence information supports STIX information.
Report abuse Terms of use