CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 350-701

Free 350-701 Exam Braindumps (page: 51)

Page 51 of 153
PDF with 703 Questions

An organization is implementing URL blocking using Cisco Umbrell

  1. The users are able to go to some sites but other sites are not accessible due to an error.
    Why is the error occurring?
  2. Client computers do not have the Cisco Umbrella Root CA certificate installed.
  3. IP-Layer Enforcement is not configured.
  4. Client computers do not have an SSL certificate deployed from an internal CA server.
  5. Intelligent proxy and SSL decryption is disabled in the policy

Answer(s): A

Explanation:

Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves:
Custom URL Blocking--Required to block the HTTPS version of a URL.
...
Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed.
Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This
Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing. To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users--if you're a network admin.


Reference:

https://docs.umbrella.com/deployment-umbrella/docs/rebrand-cisco-certificate-import- information



Which two aspects of the cloud PaaS model are managed by the customer but not the provider? (Choose two)

  1. virtualization
  2. middleware
  3. operating systems
  4. applications
  5. data

Answer(s): D,E

Explanation:

Customers must manage applications and data in PaaS.



What is an attribute of the DevSecOps process?

  1. mandated security controls and check lists
  2. security scanning and theoretical vulnerabilities
  3. development security
  4. isolated security team

Answer(s): C

Explanation:

DevSecOps (development, security, and operations) is a concept used in recent years to describe how to move security activities to the start of the development life cycle and have built-in security practices in the continuous integration/continuous deployment (CI/CD) pipeline. Thus minimizing vulnerabilities and bringing security closer to IT and business objectives.
Three key things make a real DevSecOps environment:

+ Security testing is done by the development team.
+ Issues found during that testing is managed by the development team. + Fixing those issues stays within the development team.



An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network.
What must be configured, based on a predefined threshold, to address this issue?

  1. Bridge Protocol Data Unit guard
  2. embedded event monitoring
  3. storm control
  4. access control lists

Answer(s): C

Explanation:

Storm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on one of the physical interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation, mistakes in network configurations, or users issuing a denial-of-service attack can cause a storm. By using the "storm-control broadcast level [falling-threshold]" we can limit the broadcast traffic on the switch.



Page 51 of 153



Post your Comments and Discuss Cisco® 350-701 exam with other Community members:

David A commented on January 16, 2024
Good Colombia
Anonymous
upvote

Kim commented on May 25, 2023
I just purchased and downloaded my files. Everything looks good so far.
UNITED STATES
upvote