Using Cisco Firepower's Security Intelligence policies, upon which two criteria is Firepower block based?(Choose two)
Answer(s): A,C
Security Intelligence Sources...Custom Block lists or feeds (or objects or groups)Block specific IP addresses, URLs, or domain names using a manually-created list or feed (for IP addresses,you can also use network objects or groups.)For example, if you become aware of malicious sites or addresses that are not yet blocked by a feed, add these sites to a custom Security Intelligence list and add this custom list to the Block list in the Security Intelligence tab of your access control policy.
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc- configguide-v623/security_intelligence_blacklisting.html
Which Cisco platform ensures that machines that connect to organizational networks have the recommended antivirus definitions and patches to help prevent an organizational malware outbreak?
Answer(s): C
A posture policy is a collection of posture requirements, which are associated with one or more identity groups, and operating systems. We can configure ISE to check for the Windows patch at Work Centers > Posture > Posture Elements > Conditions > File. In this example, we are going to use the predefined file check to ensure that our Windows 10 clients have the critical security patch installed to prevent the Wanna Cry malware; and we can also configure ISE to update the client with this patch.
What are two benefits of Flexible NetFlow records? (Choose two)
Answer(s): A,D
NetFlow is typically used for several key customer applications, including the following:...Billing and accounting. NetFlow data provides fine-grained metering (for instance, flow data includes details such as IP addresses, packet and byte counts, time stamps, type of service (ToS), and application ports) for highly flexible and detailed resource utilization accounting. Service providers may use the information for billing based on time of day, bandwidth usage, application usage, quality of service, and so on. Enterprise customers may use the information for departmental charge back or cost allocation for resource utilization.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/15-mt/fnf- 15-mt-book/fnffnetflow.htmlIf the predefined Flexible NetFlow records are not suitable for your traffic requirements, you can create a userdefined (custom) record using the Flexible NetFlow collect and match commands. Before you can create a customized record, you must decide the criteria that you are going to use for the key and nonkey fields.https://www.cisco.com/en/US/docs/ios/fnetflow/configuration/guide/ cust_fnflow_rec_mon_external_docbase_0900e4b18055d0d2_4container_external_docbase_0900e 4b181b413 d9.html#wp1057997Note: Traditional NetFlow allows us to monitor from Layer 2 to 4 but Flexible NetFlow goes beyond these layers.
How does DNS Tunneling exfiltrate data?
Answer(s): A
Post your Comments and Discuss Cisco® 350-701 exam with other Community members:
David A commented on January 16, 2024 Good Colombia Anonymous upvote
Kim commented on May 25, 2023 I just purchased and downloaded my files. Everything looks good so far. UNITED STATES upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 350-701 content, but please register or login to continue.