Cisco 350-701 SCOR Exam Practice Test Instant Access

Question 1

A network administrator is modifying a remote access VPN on an FTD managed by an FMC. The administrator wants to offload traffic to certain trusted domains. The administrator wants this traffic to go out of the client's local internet and send other internet-bound traffic over the VPN Which feature must the administrator configure?

Adynamic split tunneling

Blocal LAN access

Cdynamic access policies

Dreverse route injection

Answer : A

In a remote access VPN configuration, dynamic split tunneling allows traffic to certain trusted domains to bypass the VPN tunnel and exit through the client's local internet gateway. This feature selectively directs only the necessary traffic over the VPN, while allowing direct internet access for specific domains or traffic deemed safe or trusted, optimizing bandwidth and performance for remote users.

Question 2

Which Cisco solution provides a comprehensive view of Internet domains. IP addresses, and autonomous systems to help pinpoint attackers and malicious infrastructures?

ACisco Threat Indication Database

BCisco Advanced Malware Investigate

CCisco Umbrella Investigate

DCisco Secure Workload Cloud

Answer : C

Cisco Umbrella Investigate provides a comprehensive view of Internet domains, IP addresses, and autonomous systems, offering a wealth of information about the infrastructure of the internet. It helps security analysts and threat investigators to pinpoint current and emerging threats by providing access to data from Cisco's global network, thereby enabling the identification of attackers and malicious infrastructures.

Question 3

Which action configures the IEEE 802.1X Flexible Authentication feature lo support Layer 3 authentication mechanisms?

AIdentity the devices using this feature and create a policy that allows them to pass Layer 2 authentication.

BConfigure WebAuth so the hosts are redirected to a web page for authentication.

CModify the Dot1x configuration on the VPN server lo send Layer 3 authentications to an external authentication database

DAdd MAB into the switch to allow redirection to a Layer 3 device for authentication.

Answer : D

Configuring the IEEE 802.1X Flexible Authentication feature to support Layer 3 authentication mechanisms involves adding MAC Authentication Bypass (MAB) into the switch configuration. This allows devices that do not support 802.1X to be authenticated using their MAC address. Once MAB identifies the device, it can then be redirected to a Layer 3 device for further authentication, thus providing a mechanism to support devices requiring Layer 3 authentication methods.

Question 4

What is the purpose of the Trusted Automated exchange cyber threat intelligence industry standard?

Apublic collection of threat intelligence feeds

Bthreat intelligence sharing organization

Clanguage used to represent security information

Dservice used to exchange security information

Answer : D

Trusted Automated eXchange of Intelligence Information (TAXII) is a collection of services and message exchanges that enable the sharing of cyber threat intelligence across product, service, and organizational boundaries. It is designed to support the exchange of CTI represented in STIX, but is not limited to STIX. TAXII defines an API that aligns with common sharing models, such as hub-and-spoke, peer-to-peer, and subscribe/publish. TAXII is not a public collection of threat intelligence feeds, a threat intelligence sharing organization, or a language used to represent security information. Those are possible descriptions of STIX, which is a complementary standard to TAXII.Reference:STIX and TAXII Approved as OASIS Standards to Enable Automated Exchange of Cyber Threat Intelligence,STIX V2.1 and TAXII V2.1 OASIS Standards are published,What is STIX/TAXII? | Cloudflare,What is STIX / TAXII? Learn about the industry standards for Cyber ...,What are STIX/TAXII Standards I Resources I Anomali

Question 5

A network administrator is setting up Cisco FMC to send logs to Cisco Security Analytics and Logging (SaaS). The network administrator is anticipating a high volume of logging events from the firewalls and wants lo limit the strain on firewall resources. Which method must the administrator use to send these logs to Cisco Security Analytics and Logging?

ASFTP using the FMCCLI

Bsyslog using the Secure Event Connector

Cdirect connection using SNMP traps

DHTTP POST using the Security Analytics FMC plugin

Answer : B

The Secure Event Connector is a component of the Security Analytics and Logging (SaaS) solution that enables the FMC to send logs to the cloud-based service. The Secure Event Connector uses syslog to forward events from the FMC and the managed devices to the cloud. This method reduces the load on the firewall resources, as the events are sent in batches and compressed before transmission. The Secure Event Connector also provides encryption, authentication, and reliability for the log data.The other methods are not supported by the Security Analytics and Logging (SaaS) solution12Reference:=1: Cisco Security Analytics and Logging (On Premises)

Question 6

An engineer must modify an existing remote access VPN using a Cisco AnyConnect Secure Mobility client solution and a Cisco Secure Firewall. Currently, all the traffic generate by the user Is sent to the VPN tunnel and the engineer must now exclude some servers and access them directly instead. Which element must be modified to achieve this goat?

ANAT exemption

Bencryption domain

Crouting table

Dgroup policy

Answer : D

To achieve the goal of excluding some servers from the VPN tunnel and accessing them directly, the engineer must modify the group policy that is applied to the remote access VPN users. The group policy contains the settings for split tunneling, which is a feature that allows the VPN client to route some traffic through the VPN tunnel and some traffic directly to the internet. Split tunneling can be configured based on the destination IP address, the application, or the domain name of the traffic. By modifying the group policy, the engineer can specify which servers or networks should be excluded from the VPN tunnel and accessed directly by the VPN client. This can improve the performance and efficiency of the VPN connection, as well as reduce the load on the VPN gateway and the corporate network. However, split tunneling also introduces some security risks, such as exposing the VPN client to internet threats, bypassing the corporate firewall and security policies, and leaking sensitive dat

a. Therefore, the engineer must carefully evaluate the trade-offs and best practices of using split tunneling for remote access VPNs.Reference:=

Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0, Module 3: Secure Connectivity, Lesson 3.1: Implementing and Troubleshooting Remote Access VPN, Topic 3.1.4: Configure and Verify Remote Access VPN, Subtopic 3.1.4.2: Configure and Verify Split Tunneling

VPN Split Tunneling: What It Is & Pros and Cons

Cisco ASA - Enable Split Tunnel for Remote VPN Clients

Question 7

Which Cisco security solution gives the most complete view of the relationships and evolution of Internet domains IPs, and flies, and helps to pinpoint attackers' infrastructures and predict future threat?

ACisco Secure Network Analytics

BCisco Secure Cloud Analytics

CCisco Umbrella Investigate

DCisco pxGrid

Answer : C

Cisco 350-701 Implementing and Operating Cisco Security Core Technologies SCOR Exam Practice Test