Get Latest [Oct-2021] Conduct effective penetration tests using Dumpexams 350-701
Penetration testers simulate 350-701 exam PDF
NEW QUESTION 193
Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent? (Choose two.)
- A. Outgoing traffic is allowed so users can communicate with outside organizations.
- B. Messenger applications cannot be segmented with standard network controls.
- C. Malware infects the messenger application on the user endpoint to send company data.
- D. Traffic is encrypted, which prevents visibility on firewalls and IPS systems.
- E. An exposed API for the messaging platform is used to send large amounts of data.
Answer: A,B
NEW QUESTION 194
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?
- A. Modify outbound malware scanning policies
- B. Modify web proxy settings
- C. Modify identification profiles.
- D. Modify an access policy.
Answer: B
NEW QUESTION 195
What is a characteristic of Firepower NGIPS inline deployment mode?
- A. ASA with Firepower module cannot be deployed.
- B. It cannot take actions such as blocking traffic.
- C. It is out-of-band from traffic.
- D. It must have inline interface pairs configured.
Answer: D
NEW QUESTION 196
What is a required prerequisite to enable malware file scanning for the Secure Internet Gateway?
- A. Enable IP Layer enforcement.
- B. Activate SSL decryption.
- C. Enable Intelligent Proxy.
- D. Activate the Advanced Malware Protection license
Answer: C
NEW QUESTION 197
Which two key and block sizes are valid for AES? (Choose two.)
- A. 64-bit block size, 168-bit key length
- B. 192-bit block size, 256-bit key length
- C. 64-bit block size, 112-bit key length
- D. 128-bit block size, 192-bit key length
- E. 128-bit block size, 256-bit key length
Answer: D,E
Explanation:
Reference: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
NEW QUESTION 198
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Answer:
Explanation:
https://www.cisco.com/c/en/us/products/collateral/security/ngips/datasheet-c78-742472.html
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Refere
https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/advanced-malware-protection/solution-ov
NEW QUESTION 199
When Cisco and other industry organizations publish and inform users of known security findings and vulnerabilities, which name is used?
- A. Common Security Exploits
- B. Common Vulnerabilities, Exploits and Threats
- C. Common Vulnerabilities and Exposures
- D. Common Exploits and Vulnerabilities
Answer: C
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cve/174/cve-addressed-1741.html
NEW QUESTION 200
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System? (Choose two)
- A. Application
- B. Port
- C. Protocol
- D. Source
- E. Rule
Answer: D,E
NEW QUESTION 201
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?
- A. platform service policy
- B. access control policy
- C. group policy
- D. device management policy
Answer: A
NEW QUESTION 202
After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future?
- A. Modify outbound malware scanning policies
- B. Modify an access policy
- C. Modify identification profiles
- D. Modify web proxy settings
Answer: B
Explanation:
URL conditions in access control rules allow you to limit the websites that users on your network can access. This feature is called URL filtering. There are two ways you can use access control to specify URLs you want to block (or, conversely, allow):
- With any license, you can manually specify individual URLs, groups of URLs, and URL lists and feeds to achieve granular, custom control over web traffic.
- With a URL Filtering license, you can also control access to websites based on the URL's general classification, or category, and risk level, or reputation. The system displays this category and reputation data in connection logs, intrusion events, and application details.
Using category and reputation data also simplifies policy creation and administration. It grants you assurance that the system will control web traffic as expected. Finally, because Cisco's threat intelligence is continually updated with new URLs, as well as new categories and risks for existing URLs, you can ensure that the system uses up-to-date information to filter requested URLs. Malicious sites that represent security threats such as malware, spam, botnets, and phishing may appear and disappear faster than you can update and deploy new policies.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Access_Control_Rules__URL_Filtering.html
NEW QUESTION 203
A company is experiencing exfiltration of credit card numbers that are not being stored on-premise. The company needs to be able to protect sensitive data throughout the full environment. Which tool should be used to accomplish this goal?
- A. Security Manager
- B. Cisco ISE
- C. Web Security Appliance
- D. Cloudlock
Answer: D
Explanation:
https://www.cisco.com/c/dam/en/us/products/collateral/security/cloudlock/cisco-cloudlock-cloud-data-securitydatasheet.pdf
NEW QUESTION 204
Which Cisco AMP file disposition is valid?
- A. malware
- B. dirty
- C. non malicious
- D. pristine
Answer: A
NEW QUESTION 205
Refer to the exhibit.
What is a result of the configuration?
- A. Traffic from the inside and DMZ networks is redirected
- B. All TCP traffic is redirected
- C. Traffic from the DMZ network is redirected
- D. Traffic from the inside network is redirected
Answer: A
Explanation:
The purpose of the above commands is to redirect traffic that matches the ACL "redirect-acl" to the Cisco FirePOWER (SFR) module in the inline (normal) mode. In this mode, after the undesired traffic is dropped and any other actions that are applied by policy are performed, the traffic is returned to the ASA for further processing and ultimate transmission.
The command "service-policy global_policy global" applies the policy to all of the interfaces.
Reference: https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configurefirepower-00.html
NEW QUESTION 206
Which attack is preventable by Cisco ESA but not by the Cisco WSA?
- A. phishing
- B. buffer overflow
- C. SQL injection
- D. DoS
Answer: A
NEW QUESTION 207
What are two benefits of Flexible NetFlow records? (Choose two)
- A. They provide monitoring of a wider range of IP packet information from Layer 2 to 4
- B. They allow the user to configure flow information to perform customized traffic identification
- C. They converge multiple accounting technologies into one accounting mechanism
- D. They provide accounting and billing enhancements
- E. They provide attack prevention by dropping the traffic
Answer: B,D
Explanation:
NetFlow is typically used for several key customer applications, including the following:
...
Billing and accounting. NetFlow data provides fine-grained metering (for instance, flow data includes details such as IP addresses, packet and byte counts, time stamps, type of service (ToS), and application ports) for highly flexible and detailed resource utilization accounting. Service providers may use the information for billing based on time of day, bandwidth usage, application usage, quality of service, and so on. Enterprise customers may use the information for departmental charge back or cost allocation for resource utilization.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/15-mt/fnf-15-mt-book/fnffnetflow.html
If the predefined Flexible NetFlow records are not suitable for your traffic requirements, you can create a user-defined (custom) record using the Flexible NetFlow collect and match commands. Before you can create a customized record, you must decide the criteria that you are going to use for the key and nonkey fields.
Reference: https://www.cisco.com/en/US/docs/ios/fnetflow/configuration/guide/cust_fnflow_rec_mon_external_docbase_0900e4b18055d0d2_4container_external_docbase_0900e4b181b413d9.html#wp1057997
Note: Traditional NetFlow allows us to monitor from Layer 2 to 4 but Flexible NetFlow goes beyond these layers.