Free 350-701 Exam Braindumps (page: 55)

Page 55 of 153

In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

  1. when there is a need for traditional anti-malware detection
  2. when there is no need to have the solution centrally managed
  3. when there is no firewall on the network
  4. when there is a need to have more advanced detection capabilities

Answer(s): D

Explanation:

Endpoint protection platforms (EPP) prevent endpoint security threats like known and unknown malware.
Endpoint detection and response (EDR) solutions can detect and respond to threats that your EPP and other security tools did not catch.
EDR and EPP have similar goals but are designed to fulfill different purposes. EPP is designed to provide device-level protection by identifying malicious files, detecting potentially malicious activity, and providing tools for incident investigation and response. The preventative nature of EPP complements proactive EDR. EPP acts as the first line of defense, filtering out attacks that can be detected by the organization's deployed security solutions. EDR acts as a second layer of protection, enabling security analysts to perform threat hunting and identify more subtle threats to the endpoint.
Effective endpoint defense requires a solution that integrates the capabilities of both EDR and EPP to provide protection against cyber threats without overwhelming an organization's security team.



Which type of API is being used when a controller within a software-defined network architecture dynamically makes configuration changes on switches within the network?

  1. westbound API
  2. southbound API
  3. northbound API
  4. eastbound API

Answer(s): B

Explanation:

Southbound APIs enable SDN controllers to dynamically make changes based on real-time demands and scalability needs.



An organization has two systems in their DMZ that have an unencrypted link between them for communication.
The organization does not have a defined password policy and uses several default accounts on the systems.
The application used on those systems also has not gone through stringent code reviews.
Which vulnerability would help an attacker brute force their way into the systems?

  1. weak passwords
  2. lack of input validation
  3. missing encryption
  4. lack of file permission

Answer(s): A



An organization has two systems in their DMZ that have an unencrypted link between them for communication.
The organization does not have a defined password policy and uses several default accounts on the systems.
The application used on those systems also has not gone through stringent code reviews.
Which vulnerability would help an attacker brute force their way into the systems?

  1. weak passwords
  2. lack of input validation
  3. missing encryption
  4. lack of file permission

Answer(s): C

Explanation:

The version 9 export format uses templates to provide access to observations of IP packet flows in a flexible and extensible manner. A template defines a collection of fields, with corresponding descriptions of structure and semantics.


Reference:

https://tools.ietf.org/html/rfc3954






Post your Comments and Discuss Cisco® 350-701 exam with other Community members:

David A commented on January 16, 2024
Good Colombia
Anonymous

Kim commented on May 25, 2023
I just purchased and downloaded my files. Everything looks good so far.
UNITED STATES