Do you want to study on cisco 350-701 together?

姜洪涛

Any one is studying on 350-701 now? if please add me to your wechat, so we can learn together.
/ x( V2 d2 d! r1 D; T% h
/ t: J: k- T6 w+ Y' m1 l4 q! F9 B2 Qplease send your wechat id to jhthello@hotmail.com.

* u7 K1 E$ V; F5 k" L, A5 BThanks,

shyshysh448

姜洪涛

Does anyone want to study together? we can have a daily discussion here. or on the wechat.
. d2 W: W3 I$ l) w

姜洪涛

Question 11

Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)

/ i6 k; P$ r9 g+ M# LA. Enable NetFlow Version 9.
1 m6 @# M+ N6 L) {3 d2 j( v& F1 [B. Create an ACL to allow UDP traffic on port 9996.
C. Apply NetFlow Exporter to the outside interface in the inbound direction.
1 r" W' M7 \( h4 ~$ N/ KD. Create a class map to match interesting traffic.
& I  r) |* q" oE. Define a NetFlow collector by using the flow-export command.

9 V+ T+ v7 s0 y" l4 n

3 X9 a0 B, m) n- D5 b# oAnswer: C E
8 o+ K0 v" j# U

姜洪涛

QUESTION 25
( U* U$ u* y9 S7 K0 MWhich VPN technology can support a multivendor environment and secure traffic between sites?
A. SSL VPN
, y$ g) W5 q; w6 A0 h) WB. GET VPN
- e: R2 w; @) l+ Z) n% e  b# bC. FlexVPN
D. DMVPN
% s  V& H. L' Q$ DCorrect Answer: B

姜洪涛

QUESTION 113
! S0 ?" G/ E- p! U4 F# Y* oUnder which two circumstances is a CoA issued? (Choose two)
A. A new authentication rule was added to the policy on the Policy Service node.
6 B2 `" L3 d+ M& B, B% a* k* W9 lB. An endpoint is profiled for the first time.
C. A new Identity Service Engine server is added to the deployment with the Administration persona
: ?4 O& [6 c" y; S" W" @6 c, fD. A new Identity Source Sequence is created and referenced in the authentication policy.
5 z2 P# |; z- i( C; DE. An endpoint is deleted on the Identity Service Engine server.
3 ~4 n; B: U$ y; s+ I: oCorrect Answer: BE
& T5 n! r6 W5 ^& [, p  a; S8 W

8 ?3 }3 ]# F  U' {# TExplanation
6 U* x4 v" Q% i6 a' M# ^& K
The profiling service issues the change of authorization in the following cases:
% @$ `7 A& T, j1 w$ f" [" W2 C4 D– Endpoint deleted—When an endpoint is deleted from the Endpoints page and the endpoint is disconnected or removed from the network.
An exception action is configured—If you have an exception action configured per profile that leads to an unusual or an unacceptable event from that endpoint. The profiling service moves the endpoint to the corresponding static profile by issuing a CoA.
– An endpoint is profiled for the first time—When an endpoint is not statically assigned and profiled for the first time; for example, the profile changes from an unknown to a known profile.
  @9 g3 m/ z- e7 D& l2 L+ An endpoint identity group has changed—When an endpoint is added or removed from an endpoint identity group that is used by an authorization policy.
The profiling service issues a CoA when there is any change in an endpoint identity group, and the endpoint identity group is used in the authorization policy for the following:
* h+ P7 \! m$ b9 |. g++ The endpoint identity group changes for endpoints when they are dynamically profiled
$ I2 \- O0 \6 Z& T  ~8 e8 ~$ ]/ B++ The endpoint identity group changes when the static assignment flag is set to true for a dynamic endpoint
– An endpoint profiling policy has changed and the policy is used in an authorization policy—When an endpoint profiling policy changes, and the policy is included in a logical profile that is used in an authorization policy. The endpoint profiling policy may change due to the profiling policy match or when an endpoint is statically assigned to an endpoint profiling policy, which is associated to a logical profile. In both the cases, the profiling service issues a CoA, only when the endpoint profiling policy is used in an authorization policy.

/ M$ I5 ^: [* IReference: https://www.cisco.com/c/en/us/td ... chapter_010100.html

贾旭丶

what are you talking about

姜洪涛

贾旭丶 发表于 2020-11-6 20:00
what are you talking about

This is the question which from the 350-701 exam? are you taking the exam ?

姜洪涛

QUESTION 1
3 a2 m8 W1 C7 D/ a% H# q0 hWhich attack is commonly associated with C and C++ programming languages?
* V- ~# P4 d7 F$ m; cA. cross-site scriptingwrong
B. DDoS
C. buffer overflow
D. water holing
Correct Answer: C

姜洪涛

QUESTION 2
7 C5 P* R) T/ o4 R) ^  DWhat is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?
9 M- k4 w0 s) h. J- U/ D* bA. SMTPwrong
+ ]' D/ U2 ~# B) RB. pxGrid
C. STIX
- `2 k& g' }7 B* l" o& eD. XMPP
Correct Answer: C

姜洪涛

QUESTION 3
4 D- Y" Z2 k7 iWhich two preventive measures are used to control cross-site scripting? (Choose two)
" d; v/ B: V5 z8 ^7 ?' t3 LA. Disable cookie inspection in the HTML inspection engine.wrong
B. Incorporate contextual output encoding/escaping
( X6 Y! G" X# ?4 Y4 WC. Enable client-side scripts on a per-domain basis
3 d1 s! z' x- Y# fD. Run untrusted HTML input through an HTML sanitization engine.
. P6 n- A  n. E- r  IE. Same Site cookie attribute should not be used.
Correct Answer: BC

姜洪涛

QUESTION 4
Which two mechanisms are used to control phishing attacks? (Choose two)
A. Use antispyware software.wrong
3 S! F( i+ G" c- k# d* \B. Implement email filtering techniques.
C. Revoke expired CRL of the websites.
  m  f" m2 o* w6 ?7 P6 o; y  \" e+ KD. Enable browser alerts for fraudulent websites.
E. Define security group memberships.
; O' k" e/ j- r& pCorrect Answer: BD
' |, u# T% v5 I
QUESTION 5
* V* x& C2 ?/ z8 s  x1 \. @In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
A. rootkit exploitwrong
. G3 m0 c" @$ @% YB. Smurf
C. distributed denial of service
, s1 f" r7 `$ b- zD. cross-site scripting
Correct Answer: D

姜洪涛

QUESTION 6
Which two behavioral patterns characterize a ping of death attack? (Choose two)
7 Q( H( f$ \5 Q8 s" o5 g1 _A. Malformed packets are used to crash systems.
B. The attack is fragmented into groups of 8 octets before transmission.
/ T! a/ W# M0 d- ]- B+ w4 `$ t! ?C. The attack is fragmented into groups of 16 octets before transmission.
. |- h1 h7 R% J& ^( d* ]D. Publicly accessible DNS servers are typically used to execute the attack.
E. Short synchronized bursts of traffic are used to disrupt TCP connections.
Correct Answer: AB
: q& B: a9 y; Q( R, Z' ~QUESTION 7
What is the difference between deceptive phishing and spear phishing?
A. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
. O& ^, y" |* K' ~7 H# R# F7 NB. A spear phishing campaign is aimed at a specific person versus a group of people.
' c6 m9 h: i) ]  j+ i5 aC. Spear phishing is when the attack is aimed at the C-level executives of an organization.
3 N" A" G4 e& j; ?. C4 @! kD. Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
' w4 O3 @5 ~: r0 Y8 S+ ^+ lCorrect Answer: B

姜洪涛

QUESTION 8
% r6 C) b4 Q! M; b: b' KWhich two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two)
A. Patch for cross-site scripting.
$ Q+ L( k: N8 N( d8 gB. Perform backups to the private cloud.
C. Protect systems with an up-to-date antimalware program.
0 z# b" a5 S" v, CD. Protect against input validation and character escapes in the endpoint.
1 n( D. k: E5 q/ i, n' VE. Install a spam and virus email filter.
Correct Answer: CE
( `( e3 A3 O) h+ X  a& BQUESTION 9
1 g: S# m% c: b8 _Which two capabilities does TAXII support? (Choose two)
A. Binding
B. Exchange
C. Mitigating
D. Pull messaging
E. Correlation
Correct Answer: AD
QUESTION 10
# B. B. l% A4 e9 l: D8 HWhich flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
( a" |/ K- v, z4 GA. web page images
+ I7 @% g3 P% q9 `/ Z7 e5 wB. database
C. Linux and Windows operating systems
6 }/ `5 L( r# {7 f: r5 J" VD. user input validation in a web page or web application
Correct Answer: D

姜洪涛

QUESTION 11
9 F4 r; z" _% R* HWhich two prevention techniques are used to mitigate SQL injection attacks? (Choose two)
) @) v: ^7 @7 K9 ~/ V( K8 v! ^A. Secure the connection between the web and the app tier.
B. Use prepared statements and parameterized queries.
$ i. F/ O6 Q5 p) r* BC. Check integer, float, or Boolean string parameters to ensure accurate values.
D. Block SQL code execution in the web application database login.
7 y, w, F; @* X, u4 }! xE. Write SQL code instead of using object-relational mapping libraries.
Correct Answer: BC
+ E' q0 y' W! Y) [" ?0 {5 fQUESTION 12
Which form of attack is launched using botnets?
& W- r$ v, }: p8 a! M0 lA. DDOS
B. EIDDOS
C. TCP flood
D. virus
) w- ]- j2 E. H0 P: [( qCorrect Answer: A
QUESTION 13
Which type of attack is social engineering?
  `/ b% T  m( B0 L+ KA. trojan
B. malware
' I' L* p' u  h$ J9 ^0 R& n9 }C. phishing
D. MITM
Correct Answer: C