CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 350-701

Free 350-701 Exam Braindumps (page: 56)

Page 56 of 153
PDF with 703 Questions

What is provided by the Secure Hash Algorithm in a VPN?

  1. integrity
  2. key exchange
  3. encryption
  4. authentication

Answer(s): A

Explanation:

The HMAC-SHA-1-96 (also known as HMAC-SHA-1) encryption technique is used by IPSec to ensure that a message has not been altered. (-> Therefore answer "integrity" is the best choice). HMAC- SHA-1 uses the SHA-1 specified in FIPS-190-1, combined with HMAC (as per RFC 2104), and is described in RFC 2404.


Reference:

https://www.ciscopress.com/articles/article.asp?p=24833&seqNum=4



A network engineer is deciding whether to use stateful or stateless failover when configuring two ASAs for high availability.
What is the connection status in both cases?

  1. need to be reestablished with stateful failover and preserved with stateless failover
  2. preserved with stateful failover and need to be reestablished with stateless failover
  3. preserved with both stateful and stateless failover
  4. need to be reestablished with both stateful and stateless failover

Answer(s): B



Which type of protection encrypts RSA keys when they are exported and imported?

  1. file
  2. passphrase
  3. NGE
  4. nonexportable

Answer(s): B



DRAG DROP (Drag and Drop is not supported)
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



The Firepower System uses network discovery and identity policies to collect host, application, and user data for traffic on your network. You can use certain types of discovery and identity data to build a comprehensive map of your network assets, perform forensic analysis, behavioral profiling, access control, and mitigate and respond to the vulnerabilities and exploits to which your organization is susceptible.
The Cisco Advanced Malware Protection (AMP) solution enables you to detect and block malware, continuously analyze for malware, and get retrospective alerts. AMP for Networks delivers network- based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum ­ before, during, and after an attack. Designed for Cisco Firepower® network threat appliances, AMP for Networks detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero-day, and persistent advanced malware threats.



Page 56 of 153



Post your Comments and Discuss Cisco® 350-701 exam with other Community members:

David A commented on January 16, 2024
Good Colombia
Anonymous
upvote

Kim commented on May 25, 2023
I just purchased and downloaded my files. Everything looks good so far.
UNITED STATES
upvote