CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 350-701

Free 350-701 Exam Braindumps (page: 75)

Page 75 of 153
PDF with 703 Questions

Which Talos reputation center allows for tracking the reputation of IP addresses for email and web traffic?

  1. IP and Domain Reputation Center
  2. File Reputation Center
  3. IP Slock List Center
  4. AMP Reputation Center

Answer(s): A



An engineer is configuring IPsec VPN and needs an authentication protocol that is reliable and supports ACK
and sequence.
Which protocol accomplishes this goal?

  1. AES-192
  2. IKEv1
  3. AES-256
  4. ESP

Answer(s): D



An administrator is establishing a new site-to-site VPN connection on a Cisco IOS router. The organization needs to ensure that the ISAKMP key on the hub is used only for terminating traffic from the IP address of
172.19.20.24.
Which command on the hub will allow the administrator to accomplish this?

  1. crypto ca identity 172.19.20.24
  2. crypto isakmp key Cisco0123456789 172.19.20.24
  3. crypto enrollment peer address 172.19.20.24
  4. crypto isakmp identity address 172.19.20.24

Answer(s): B

Explanation:

The command "crypto isakmp identity address 172.19.20.24" is not valid. We can only use "crypto isakmp identity {address | hostname}. The following example uses preshared keys at two peers and sets both their
ISAKMP identities to the IP address.
At the local peer (at 10.0.0.1) the ISAKMP identity is set and the preshared key is specified:
crypto isakmp identity address crypto isakmp key sharedkeystring address 192.168.1.33 At the remote peer (at 192.168.1.33) the ISAKMP identity is set and the same preshared key is specified:
crypto isakmp identity address crypto isakmp key sharedkeystring address 10.0.0.1


Reference:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec- crc4.html#wp3880782430
The command "crypto enrollment peer address" is not valid either. The command "crypto ca identity ..." is only used to declare a trusted CA for the router and puts you in the caidentity configuration mode. Also it should be followed by a name, not an IP address. For example: "crypto ca identity CA-Server" -> Answer A is not correct.
Only answer B is the best choice left.



What is a difference between an XSS attack and an SQL injection attack?

  1. SQL injection is a hacking method used to attack SQL databases, whereas XSS attacks can exist in many different types of applications
  2. XSS is a hacking method used to attack SQL databases, whereas SQL injection attacks can exist in many different types of applications
  3. SQL injection attacks are used to steal information from databases whereas XSS attacks are used to redirect users to websites where attackers can steal data from them
  4. XSS attacks are used to steal information from databases whereas SQL injection attacks are used to redirect users to websites where attackers can steal data from them

Answer(s): C

Explanation:

In XSS, an attacker will try to inject his malicious code (usually malicious links) into a database.
When other users follow his links, their web browsers are redirected to websites where attackers can steal data from them. In a SQL Injection, an attacker will try to inject SQL code (via his browser) into forms, cookies, or HTTP headers that do not use data sanitizing or validation methods of GET/POST parameters.



Page 75 of 153



Post your Comments and Discuss Cisco® 350-701 exam with other Community members:

David A commented on January 16, 2024
Good Colombia
Anonymous
upvote

Kim commented on May 25, 2023
I just purchased and downloaded my files. Everything looks good so far.
UNITED STATES
upvote