350-701 Free Practice Test

- (Exam Topic 3)
What must be enabled to secure SaaS-based applications?

1. A. modular policy framework
2. B. two-factor authentication
3. C. application security gateway
4. D. end-to-end encryption

Correct Answer: C

- (Exam Topic 2)
An organization has two systems in their DMZ that have an unencrypted link between them for communication.
The organization does not have a defined password policy and uses several default accounts on the systems. The application used on those systems also have not gone through stringent code reviews. Which vulnerability would help an attacker brute force their way into the systems?

1. A. weak passwords
2. B. lack of input validation
3. C. missing encryption
4. D. lack of file permission

Correct Answer: C
Reference: https://tools.ietf.org/html/rfc3954

- (Exam Topic 1)
What is a commonality between DMVPN and FlexVPN technologies?

1. A. FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes
2. B. FlexVPN and DMVPN use the new key management protocol
3. C. FlexVPN and DMVPN use the same hashing algorithms
4. D. IOS routers run the same NHRP code for DMVPN and FlexVPN

Correct Answer: D
Reference: https://packetpushers.net/cisco-flexvpn-dmvpn-high-level-design/

- (Exam Topic 3)
Refer to the exhibit.

Consider that any feature of DNS requests, such as the length off the domain name and the number of subdomains, can be used to construct models of expected behavior to which observed values can be compared. Which type of malicious attack are these values associated with?

1. A. Spectre Worm
2. B. Eternal Blue Windows
3. C. Heartbleed SSL Bug
4. D. W32/AutoRun worm

Correct Answer: D

- (Exam Topic 1)
Which capability is exclusive to a Cisco AMP public cloud instance as compared to a private cloud instance?

1. A. RBAC
2. B. ETHOS detection engine
3. C. SPERO detection engine
4. D. TETRA detection engine

Correct Answer: B