350-701 Free Practice Test

- (Exam Topic 1)
A malicious user gained network access by spoofing printer connections that were authorized using MAB on four different switch ports at the same time. What two catalyst switch security features will prevent further violations? (Choose two)

1. A. DHCP Snooping
2. B. 802.1AE MacSec
3. C. Port security
4. D. IP Device track
5. E. Dynamic ARP inspection
6. F. Private VLANs

Correct Answer: AE

- (Exam Topic 3)
Which feature does the laaS model provide?

1. A. granular control of data
2. B. dedicated, restricted workstations
3. C. automatic updates and patching of software
4. D. software-defined network segmentation

Correct Answer: C

- (Exam Topic 2)
A network administrator needs to find out what assets currently exist on the network. Third-party systems need to be able to feed host data into Cisco Firepower. What must be configured to accomplish this?

1. A. a Network Discovery policy to receive data from the host
2. B. a Threat Intelligence policy to download the data from the host
3. C. a File Analysis policy to send file data into Cisco Firepower
4. D. a Network Analysis policy to receive NetFlow data from the host

Correct Answer: A
You can configure discovery rules to tailor the discovery of host and application data to your needs.The Firepower System can use data from NetFlow exporters to generate connection and discovery events, and to add host and application data to the network map.A network analysis policy governs how traffic is decoded and preprocessed so it can be further evaluated, especially for anomalous traffic that might signal an intrusion attempt -> Answer D is not correct.

- (Exam Topic 3)
When a next-generation endpoint security solution is selected for a company, what are two key deliverables that help justify the implementation? (Choose two.)

1. A. signature-based endpoint protection on company endpoints
2. B. macro-based protection to keep connected endpoints safe
3. C. continuous monitoring of all files that are located on connected endpoints
4. D. email integration to protect endpoints from malicious content that is located in email
5. E. real-time feeds from global threat intelligence centers

Correct Answer: CE

- (Exam Topic 3)
Which two capabilities does an MDM provide? (Choose two.)

1. A. delivery of network malware reports to an inbox in a schedule
2. B. unified management of mobile devices, Macs, and PCs from a centralized dashboard
3. C. enforcement of device security policies from a centralized dashboard
4. D. manual identification and classification of client devices
5. E. unified management of Android and Apple devices from a centralized dashboard

Correct Answer: BC