• Home
  • Articles
  • Prepare for your exam certification with our 350-701 Certified Cisco [Q369-Q392]

Prepare for your exam certification with our 350-701 Certified Cisco [Q369-Q392]

Share

Prepare for your exam certification with our 350-701 Certified Cisco

Free Cisco 350-701 Exam 2026 Practice Materials Collection

NEW QUESTION # 369
Which Dos attack uses fragmented packets to crash a target machine?

  • A. LAND
  • B. teardrop
  • C. smurf
  • D. MITM

Answer: B

Explanation:
A teardrop attack is a denial-of-service (DoS) attack that involves sending fragmented packets to a target machine. Since the machine receiving such packets cannot reassemble them due to a bug in TCP/IP fragmentation reassembly, the packets overlap one another, crashing the target network device. This generally happens on older operating systems such as Windows 3.1x, Windows 95, Windows NT and versions of the Linux kernel prior to 2.1.63.


NEW QUESTION # 370
Drag and drop the posture assessment flow actions from the left into a sequence on the right.

Answer:

Explanation:


NEW QUESTION # 371
Which two preventive measures are used to control cross-site scripting? (Choose two.)

  • A. Disable cookie inspection in the HTML inspection engine.
  • B. Enable client-side scripts on a per-domain basis.
  • C. Run untrusted HTML input through an HTML sanitization engine.
  • D. SameSite cookie attribute should not be used.
  • E. Incorporate contextual output encoding/escaping.

Answer: B,E

Explanation:
Explanation/Reference:


NEW QUESTION # 372
Which policy represents a shared set of features or parameters that define the aspects of a managed device that are likely to be similar to other managed devices in a deployment?

  • A. Platform Service Policy
  • B. Device Management Policy
  • C. Group Policy
  • D. Access Control Policy

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/platfor the answer should be "Platform Settings Policy", not "Platform Service Policy" but it is the bestanswer here so we have to choose it.


NEW QUESTION # 373
Drag and drop the descriptions from the left onto the encryption algorithms on the right.

Answer:

Explanation:

Explanation:

ExplanationSymmetric encryption uses a single key that needs to be shared among the people who need to receive the message while asymmetric encryption uses a pair of public key and a private key to encrypt and decrypt messages when communicating.Asymmetric encryption takes relatively more time than the symmetric encryption.Diffie Hellman algorithm is an asymmetric algorithm used to establish a shared secret for a symmetric keyalgorithm. Nowadays most of the people uses hybrid crypto system i.e, combination of symmetric andasymmetric encryption. Asymmetric Encryption is used as a technique in key exchange mechanism to share secret key and after the key is shared between sender and receiver, the communication will take place using symmetric encryption. The shared secret key will be used to encrypt the communication.Triple DES (3DES), a symmetric-key algorithm for the encryption of electronic data, is the successor of DES (Data Encryption Standard) and provides more secure encryption then DES.Note: Although
"requires secret keys" option in this question is a bit unclear but it can only be assigned toSymmetric algorithm.


NEW QUESTION # 374
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?

  • A. Health Monitoring
  • B. URL Filtering
  • C. Security Intelligence
  • D. Impact Flags

Answer: A

Explanation:
A network discovery policy is required for the health monitoring feature on the Cisco Firepower Next Generation Intrusion Prevention System (NGIPS). Health monitoring allows the system to collect and display information about the health and performance of the managed devices, such as CPU, memory, disk, and interface utilization, as well as the status of various processes and services. Health monitoring also enables the system to generate alerts and notifications when certain thresholds or conditions are met or violated.
To enable health monitoring, the system must have access to the network data from the managed devices, which is provided by the network discovery policy. The network discovery policy controls how the system collects data on the network assets and which network segments and ports are monitored. The network discovery policy also specifies the zones to which the policy is deployed, which determines the scope of the health monitoring data. Without a network discovery policy, the system cannot perform health monitoring on the NGIPS devices.
References :=
1: Network Discovery Policies, Cisco Firepower Management Center Configuration Guide, Version 7.0, page
1. 2: Health Monitoring, Cisco Firepower Management Center Configuration Guide, Version 7.0, page 1.


NEW QUESTION # 375
Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.

Answer:

Explanation:


NEW QUESTION # 376
Which service allows a user export application usage and performance statistics with Cisco Application Visibility and control?

  • A. SNMP
  • B. SNORT
  • C. NetFlow
  • D. 802.1X

Answer: C

Explanation:
ExplanationApplication Visibility and control (AVC) supports NetFlow to export application usage and performancestatistics. This data can be used for analytics, billing, and security policies.


NEW QUESTION # 377
Refer to the exhibit.

When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism in conjunction with AAA authentication using machine certificates. Which configuration item must be modified to allow this?

  • A. Method
  • B. Group Policy
  • C. SAML Server
  • D. DHCP Servers

Answer: A

Explanation:
In order to use AAA along with an external token authentication mechanism, set the "Method" as "Both" in the Authentication.


NEW QUESTION # 378
Drag and drop the Firepower Next Generation Intrusion Prevention System detectors from the left onto the correct definitions on the right.

Answer:

Explanation:


NEW QUESTION # 379
Which open source tool does Cisco use to create graphical visualizations of network telemetry on Cisco IOS XE devices?

  • A. Grafana
  • B. Splunk
  • C. SNMP
  • D. InfluxDB

Answer: A

Explanation:
Grafana is an open source tool that displays graphs and counters for data streamed from network devices.
Cisco uses Grafana to create graphical visualizations of network telemetry on Cisco IOS XE devices, which support model-driven telemetry. Model-driven telemetry is a new approach for network monitoring in which data is streamed from network devices continuously using a push model and provides near real-time access to operational statistics. Applications can subscribe to specific data items they need, by using standard-based YANG data models over NETCONF-YANG. Cisco IOS XE streaming telemetry allows to push data off of the device to an external collector at a much higher frequency, more efficiently, as well as data on-change streaming. Grafana uses the data from InfluxDB database to build dashboards and graphs. InfluxDB is a time-series database that stores the telemetry data received from the network devices. Telegraf is an agent that collects the telemetry data from the network devices and pushes it to InfluxDB. The TIG software stack refers to the three open-source software components that enable receiving, storing, and visualization the telemetry data: Telegraf, InfluxDB, and Grafana. References :=
* Enterprise Streaming Telemetry and You: Getting Started with Model Driven Telemetry - Cisco Blogs
* Explore Model-Driven Telemetry - Cisco Blogs
* Telemetry Configuration Guide for Cisco 8000 Series Routers, IOS XR Release 7.8.x - Dial-Out Telemetry Session from Router to Destination
* Free 350-701 Implementing and Operating Cisco Security Core Technologies Practice Test Questions


NEW QUESTION # 380
An engineer configures new features within the Cisco Umbrella dashboard and wants to identify and proxy traffic that is categorized as risky domains and may contain safe and malicious content. Which action accomplishes these objectives?

  • A. Configure intelligent proxy within Cisco Umbrella to intercept and proxy the requests for only those categories.
  • B. Upload the threat intelligence database to Cisco Umbrella for the most current information on reputations and to have the destination lists block them.
  • C. Configure URL filtering within Cisco Umbrella to track the URLs and proxy the requests for those categories and below.
  • D. Create a new site within Cisco Umbrella to block requests from those categories so they can be sent to the proxy device.

Answer: A


NEW QUESTION # 381
How does Cisco Advanced Phishing Protection protect users?

  • A. It utilizes sensors that send messages securely.
  • B. It validates the sender by using DKIM.
  • C. It determines which identities are perceived by the sender
  • D. It uses machine learning and real-time behavior analytics.

Answer: D

Explanation:
Cisco Advanced Phishing Protection provides sender authentication and BEC detection capabilities. It uses advanced machine learning techniques, real-time behavior analytics, relationship modeling, and telemetry to protect against identity deception-based threats.


NEW QUESTION # 382
Refer to the exhibit.

When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism in conjunction with AAA authentication using machine certificates. Which configuration item must be modified to allow this?

  • A. Method
  • B. Group Policy
  • C. SAML Server
  • D. DHCP Servers

Answer: A

Explanation:
In order to use AAA along with an external token authentication mechanism, set the "Method" as "Both" in the Authentication.


NEW QUESTION # 383
What is the process In DevSecOps where all changes In the central code repository are merged and synchronized?

  • A. CI
  • B. QA
  • C. EP
  • D. CD

Answer: A


NEW QUESTION # 384
Which CoA response code is sent if an authorization state is changed successfully on a Cisco IOS device?

  • A. CoA-ACK
  • B. CoA-NCL
  • C. -
  • D. CoA-NAK

Answer: A

Explanation:
CoA-ACK is the CoA response code that is sent if an authorization state is changed successfully on a Cisco IOS device. CoA-ACK stands for CoA acknowledgment, which indicates that the device has received and processed the CoA request from the server and applied the new authorization settings to the session. The attributes returned within a CoA-ACK can vary based on the CoA request, such as session reauthentication, session termination, or session modification. The other options are not correct because they are not valid CoA response codes. CoA-NCL, CoA-NAK, and CoA-MAV are not defined in RFC 5176, which specifies the CoA protocol. CoA-NAK is the closest option, but it stands for CoA non-acknowledgment, which indicates that the device has rejected the CoA request from the server due to some error or inconsistency. References := Some possible references are:
* RADIUS Change of Authorization - Cisco
* Security and VPN Configuration Guide, Cisco IOS XE 17.x
* RFC 5176 - Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)


NEW QUESTION # 385
An organization is implementing URL blocking using Cisco Umbrell
a. The users are able to go to some sites
but other sites are not accessible due to an error. Why is the error occurring?

  • A. Client computers do not have an SSL certificate deployed from an internal CA server.
  • B. Client computers do not have the Cisco Umbrella Root CA certificate installed.
  • C. IP-Layer Enforcement is not configured.
  • D. Intelligent proxy and SSL decryption is disabled in the policy

Answer: B

Explanation:
Explanation: Explanation: Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves: Custom URL Blocking-Required to block the HTTPS version of a URL. ... Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed. Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing. To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin. Reference: https://docs.umbrella.com/deployment-umbrella/docs/rebrand-cisco-certificate-import-information Explanation:
Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves:
Custom URL Blocking-Required to block the HTTPS version of a URL.
...
Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed.
Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing.
To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin.
Explanation: Explanation: Other features are dependent on SSL Decryption functionality, which requires the Cisco Umbrella root certificate. Having the SSL Decryption feature improves: Custom URL Blocking-Required to block the HTTPS version of a URL. ... Umbrella's Block Page and Block Page Bypass features present an SSL certificate to browsers that make connections to HTTPS sites. This SSL certificate matches the requested site but will be signed by the Cisco Umbrella certificate authority (CA). If the CA is not trusted by your browser, an error page may be displayed. Typical errors include "The security certificate presented by this website was not issued by a trusted certificate authority" (Internet Explorer), "The site's security certificate is not trusted!" (Google Chrome) or "This Connection is Untrusted" (Mozilla Firefox). Although the error page is expected, the message displayed can be confusing and you may wish to prevent it from appearing. To avoid these error pages, install the Cisco Umbrella root certificate into your browser or the browsers of your users-if you're a network admin. Reference: https://docs.umbrella.com/deployment-umbrella/docs/rebrand-cisco-certificate-import-information


NEW QUESTION # 386
Why is it important to have a patching strategy for endpoints?

  • A. so that functionality is increased on a faster scale when it is used
  • B. to take advantage of new features released with patches
  • C. so that known vulnerabilities are targeted and having a regular patch cycle reduces risks
  • D. so that patching strategies can assist with disabling nonsecure protocols in applications

Answer: C


NEW QUESTION # 387
Which two activities can be done using Cisco DNA Center? (Choose two)

  • A. Provision
  • B. Accounting
  • C. DHCP
  • D. Design
  • E. DNS

Answer: A,D

Explanation:
Reference: https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06- dna-center-so-cte-en.html


NEW QUESTION # 388
What is the recommendation in a zero-trust model before granting access to corporate applications and resources?

  • A. to disconnect from the network when inactive
  • B. to use multifactor authentication
  • C. to use a wired network, not wireless
  • D. to use strong passwords

Answer: B

Explanation:
The zero-trust model is a modern security strategy that assumes breach and verifies each request as though it originates from an open network. The main concept behind the zero-trust model is "never trust, always verify", which means that users and devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified12 One of the principles of the zero-trust model is to verify explicitly, which means to always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies13 To achieve this, the zero-trust model recommends using multifactor authentication (MFA), which is a method of verifying a user's identity by requiring two or more pieces of evidence, such as something the user knows (e.g., password, PIN), something the user has (e.g., token, smart card), or something the user is (e.g., fingerprint, face scan). MFA provides a higher level of security than using only a single factor, such as a password, which can be easily compromised or guessed.
MFA also reduces the risk of unauthorized access to corporate applications and resources, which may contain sensitive or confidential information.
Therefore, the recommendation in a zero-trust model before granting access to corporate applications and resources is to use multifactor authentication, as it ensures that only verified and authorized users and devices can access the data they need, and nothing more13 References := 1: Zero Trust Model - Modern Security Architecture | Microsoft Security 2: Zero trust security model - Wikipedia 3: What is Zero Trust? | Microsoft Learn : Multifactor Authentication (MFA) | Cisco


NEW QUESTION # 389
An engineer notices traffic interruption on the network. Upon further investigation, it is learned that broadcast packets have been flooding the network. What must be configured, based on a predefined threshold, to address this issue?

  • A. Storm Control
  • B. embedded event monitoring
  • C. access control lists
  • D. Bridge Protocol Data Unit guard

Answer: A

Explanation:
Explanation
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-e1.html


NEW QUESTION # 390
Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?

  • A. Linux and Windows operating systems
  • B. user input validation in a web page or web application
  • C. web page images
  • D. database

Answer: B

Explanation:
SQL injection usually occurs when you ask a user for input, like their username/userid, but the user gives ("injects") you an SQL statement that you will unknowingly run on your database. For example:
Look at the following example, which creates a SELECT statement by adding a variable (txtUserId) to a select string. The variable is fetched from user input (getRequestString):
txtUserId = getRequestString("UserId");
txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;
If user enter something like this: "100 OR 1=1" then the SQL statement will look like this:
SELECT * FROM Users WHERE UserId = 100 OR 1=1;
The SQL above is valid and will return ALL rows from the "Users" table, since OR 1=1 is always TRUE. A hacker might get access to all the user names and passwords in this database.


NEW QUESTION # 391
Which two features of Cisco DNA Center are used in a Software Defined Network solution? (Choose two)

  • A. assurance
  • B. encryption
  • C. automation
  • D. accounting
  • E. authentication

Answer: A,C

Explanation:
Explanation What Cisco DNA Center enables you to do Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours. Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent. Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes. Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices. Reference: <https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06- cisco-dna-center-aag-cte-en.html> What Cisco DNA Center enables you to do Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours.
Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent.
Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes.
Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices.
Explanation What Cisco DNA Center enables you to do Automate: Save time by using a single dashboard to manage and automate your network. Quickly scale your business with intuitive workflows and reusable templates. Configure and provision thousands of network devices across your enterprise in minutes, not hours. Secure policy: Deploy group-based secure access and network segmentation based on business needs. With Cisco DNA Center, you apply policy to users and applications instead of to your network devices. Automation reduces manual operations and the costs associated with human errors, resulting in more uptime and improved security. Assurance then assesses the network and uses context to turn data into intelligence, making sure that changes in the network device policies achieve your intent. Assurance: Monitor, identify, and react in real time to changing network and wireless conditions. Cisco DNA Center uses your network's wired and wireless devices to create sensors everywhere, providing real-time feedback based on actual network conditions. The Cisco DNA Assurance engine correlates network sensor insights with streaming telemetry and compares this with the current context of these data sources. With a quick check of the health scores on the Cisco DNA Center dashboard, you can see where there is a performance issue and identify the most likely cause in minutes. Extend ecosystem: With the new Cisco DNA Center platform, IT can now integrate Cisco solutions and thirdparty technologies into a single network operation for streamlining IT workflows and increasing business value and innovation. Cisco DNA Center allows you to run the network with open interfaces with IT and business applications, integrates across IT operations and technology domains, and can manage heterogeneous network devices. Reference: <https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06- cisco-dna-center-aag-cte-en.html>


NEW QUESTION # 392
......

Pass Cisco 350-701 Actual Free Exam Q&As Updated Dump: https://www.practicevce.com/Cisco/350-701-practice-exam-dumps.html

350-701 Exam Info and Free Practice Test All-in-One Exam Guide May-2026: https://drive.google.com/open?id=1SjcEUujIdPgIxDN-usvQ08hZ6FvJIhOu

Related Articles

more
Cisco 350-701 Certification Practice Exam