Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 350-701

Cisco 350-701 Exam Questions
Implementing and Operating Cisco Security Core Technologies (Page 11 )

Updated On: 24-Feb-2026
Page 11 of 123
PDF with 727 Questions

Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)

  1. transparent mode
  2. routed mode
  3. inline mode
  4. active mode
  5. passive monitor-only mode

Answer(s): C,D

Explanation:

You can configure your ASA FirePOWER module using one of the following deployment models:
You can configure your ASA FirePOWER module in either an inline or a monitor-only (inline tap or passive) deployment.


Reference:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/asdm72/firewall/asa- firewall-asdm/
modules-sfr.html



The Cisco ASA must support TLS proxy for encrypted Cisco Unified Communications traffic.
Where must the
ASA be added on the Cisco UC Manager platform?

  1. Certificate Trust List
  2. Endpoint Trust List
  3. Enterprise Proxy Service
  4. Secured Collaboration Proxy

Answer(s): A



Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

  1. To view bandwidth usage for NetFlow records, the QoS feature must be enabled.
  2. A sysopt command can be used to enable NSEL on a specific interface.
  3. NSEL can be used without a collector configured.
  4. A flow-export event type must be defined under a policy

Answer(s): D



Which feature is supported when deploying Cisco ASAv within AWS public cloud?

  1. multiple context mode
  2. user deployment of Layer 3 networks
  3. IPv6
  4. clustering

Answer(s): B

Explanation:

The ASAv on AWS supports the following features:
+ Support for Amazon EC2 C5 instances, the next generation of the Amazon EC2 Compute Optimized instance family.
+ Deployment in the Virtual Private Cloud (VPC)
+ Enhanced networking (SR-IOV) where available
+ Deployment from Amazon Marketplace
+ Maximum of four vCPUs per instance
+ User deployment of L3 networks
+ Routed mode (default)
Note: The Cisco Adaptive Security Virtual Appliance (ASAv) runs the same software as physical Cisco ASAs to deliver proven security functionality in a virtual form factor. The ASAv can be deployed in the public AWS cloud.
It can then be configured to protect virtual and physical data center workloads that expand, contract,

or shift their location over time.


Reference:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asav/quick-start-book/asav-96 qsg/asavaws.html



Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?

  1. It allows traffic if it does not meet the profile.
  2. It defines a traffic baseline for traffic anomaly deduction.
  3. It inspects hosts that meet the profile with more intrusion rules.
  4. It blocks traffic if it does not meet the profile.

Answer(s): B






Post your Comments and Discuss Cisco 350-701 exam dumps with other Community members:

Join the 350-701 Discussion