[Secure Network Access, Visibility, and Enforcement]
Which RADIUS attribute can you use to filter MAB requests in an 802.1X deployment?
Answer : C
Because MAB uses the MAC address as a username and password, you should make sure that the RADIUS server can differentiate MAB requests from other types of requests for network access. This precaution will prevent other clients from attempting to use a MAC address as a valid credential. Cisco switches uniquely identify MAB requests by setting Attribute 6 (Service-Type) to 10 (Call-Check) in a MAB Access-Request message. Therefore, you can use Attribute 6 to filter MAB requests at the RADIUS server.
[Security Concepts]
Which telemetry data captures variations seen within the flow, such as the packet's TTL, IP/TCP flags, and payload length?
Answer : A
The telemetry information consists of three types of data:
+ Flow information: This information contains details about endpoints, protocols, ports, when the flow started, how long the flow was active, etc.
+ Interpacket variation: This information captures any interpacket variations within the flow. Examples include variation in Time To Live (TTL), IP and TCP flags, payload length, etc.
+ Context details: Context information is derived outside the packet header. It includes details about variation in buffer utilization, packet drops within a flow, association with tunnel endpoints, etc.
[Network Security]
Which two cryptographic algorithms are used with IPsec? (Choose two)
Answer : C, E
Cryptographic algorithms defined for use with IPsec include:
+ HMAC-SHA1/SHA2 for integrity protection and authenticity.
+ TripleDES-CBC for confidentiality.
+ AES-CBC and AES-CTR for confidentiality.
+ AES-GCM and ChaCha20-Poly1305 providing confidentiality and authentication together efficiently.
[Security Concepts]
Which Cisco DNA Center Intent API action is used to retrieve the number of devices known to a DNA Center?
Answer : A
[Secure Network Access, Visibility, and Enforcement]
Which role is a default guest type in Cisco ISE?
Answer : C, D
To add switches into the fabric, administrators can use PowerOn Auto Provisioning (POAP) or Seed IP methods. POAP is a feature that automates the process of upgrading software images and installing configuration files on Cisco switches that are being deployed in the network for the first time. Seed IP is a method that allows administrators to specify the IP address of a switch that is already part of the fabric, and then use it to discover and add other switches that are connected to it. Both methods enable administrators to control how switches are added into DCNM for private cloud management.
Reference:
POAP, section "PowerOn Auto Provisioning (POAP)".
Seed IP, section "Add Switches".
https://www.cisco.com/c/en/us/td/docs/security/ise/1-4-1/admin_guide/b_ise_admin_guide_141/b_ise_admin_guide_141_chapter_01110.html
[Security Concepts]
What is an advantage of the Cisco Umbrella roaming client?
Answer : B
The Cisco Umbrella roaming client is a cloud-delivered security service for Cisco's next-generation firewall that protects employees when they are off the VPN. No additional agents are required. Simply enable the Umbrella functionality in the Cisco AnyConnect client. One of the advantages of the Umbrella roaming client is that it provides visibility into IP-based threats by tunneling suspicious IP connections to the Umbrella cloud for inspection and blocking. This way, the roaming client can prevent malware, phishing, and command-and-control callbacks from reaching malicious domains and IPs, regardless of the port or protocol. The Umbrella roaming client also provides DNS-layer security when the VPN is off, and proactive blocking of emerging threats using real-time data analysis.
Reference:
Cisco Umbrella Roaming
3 Benefits of Using Roaming Client with Cisco Umbrella
Secure remote workers with the Cisco Umbrella roaming client
Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 (Module 5.1.1)
[Endpoint Protection and Detection]
Why is it important to have a patching strategy for endpoints?
Answer : C
Patching is important for security, compliance, stability, and reputation reasons. Patches are released to fix security vulnerabilities in software and systems, which can be exploited by cybercriminals to cause data breaches, data loss, or other damage. Failure to patch these vulnerabilities leaves the company's systems exposed to potential security risks. Patch management helps to minimize these risks by ensuring that all software and systems are up to date with the latest security patches. Patch management also helps to comply with regulatory and industry standards that require a certain level of security, and to avoid legal consequences for non-compliance. Additionally, patches provide bug fixes and other updates that improve the stability and performance of software and systems, and prevent system crashes, downtime, and other issues that can negatively impact business operations. Finally, patch management helps to maintain a positive reputation for the company, as a security breach or downtime caused by unpatched vulnerabilities can damage customer trust and loyalty, and result in revenue loss.
Reference:
5 Patch Management Best Practices for Success in 2023 - TechRepublic
Six Patch Management Best Practices [Updated 2024] - Heimdal Security