Uploaded by Konstantinos Anyfantis

New questions SCOR 350-701

1) Which two capabilities of integration APIs are utilized with Cisco DNA Center? (Choose two)
A. Upgrade software on switches and routers
B. Automatically deploy new virtual routers
C. Connect to ITSM platforms
D. Third party reporting
E. Create new SSIDs on a wireless LAN controller
Answer C, D
2) An engineer wants to assign a printer to a different LAN than it is statically configured on the switch port. Which CoA type should the engineer use?
A. CoA-Terminate
B. No-CoA
C. Port-Bounce
D. CoA-Reauth
Answer C
3) An administrator needs to be able to have a router securely communicate with a network management system. The connections must be authenticated but not encrypted. While meeting these requirements, which command will create a group that allows a user on the network management system access to the router?
A) snmp-server group <group name> v2c
B) snmp-server group <group name> v3 priv write <view name>
C) snmp-server group <group name> v3 auth
D) snmp-server group <group name> v2c write <view name>
Answer C
4) What are two core components of a Cisco Umbrella solution? (Choose two)
A. Cloud container platform
B. DNS layer security
C. Cisco ISE
D. Transport Layer Security
E. Cloud access security broker
Answer D, E
5) Which solution provides a comprehensive view of internet domains, IP addresses, and autonomous systems to help pinpoint attackers and malicious infrastructures?
A. Cisco Advanced Malware Investigate
B. Cisco Umbrella Investigate
C. Cisco Tetration Cloud
D. Cisco Threat Indication Database
Answer B
6) A network engineer has been tasked with configuring OSPF neighbor authentication on the WAN router for a branch office. The WAN router connects to the OSPF backbone area via an MPLS circuit that terminates on interface GigabitEthernet 0/0/0. The router ID for this router is tied to the Loopback0 interface. The password that should be used for neighbor authentication and this password should be encrypted when transmitted over the WAN. Which two IOS commands are required to enable OSPF neighbor authentication in this scenario? (Choose two)
A. ip ospf message-digest-key under the GigabitEthernet0/0/0 interface configuration
B. ip ospf authentication-key under Loopback0 interface configuration
C. service password-encryption under global configuration mode
D. area 0 authentication under the OSPF routing process configuration
E. area 0 authentication message-digest under the OSPF routing process configuration
Answer A, E
7) How can Cisco Tetration connect to something within a customer/3rd party network if the customer/3rd party network doesn't allow incoming connections?
A. Reverse tunnel
B. GRE tunnel
C. Source NAT
D. Destination NAT
Answer A
8) Which Cisco security platform is integrated into an organization's cloud environment on AWS, Google Cloud, or Azure to provide agentless visibility across the network by using advanced machine learning and behavioral analytics?
A. Cisco ISE cloud
B. Cisco Stealthwatch Cloud
C. Cisco ASAv
D. Cisco AMP cloud
Answer is B
9) An engineer is configuring DHCP snooping on a Cisco switch and wants to ensure that a DHCP packet will be dropped. Under which condition will this occur?
A. A packet from a DHCP server is received from inside the network or firewall
B. A packet is received on an untrusted interface and the source MAC Address and the
DHCP client hardware address do not match
C. A DHCP relay agent forwards a DHCP packet that includes a relay-agent IP address
that is 0.0.0.0
D. All packets are dropped until the administrator manually enters the approved servers
into the DHCP snooping database
Answer is B
10) What are two individual sites specified to be block listed in Cisco Umbrella?
A. Application settings
B. Destination lists
C. Content categories
D. Security settings
Answer is B
11) While using Cisco Firepower's Security Intelligence policies, which two criteria is blocking based upon? (Choose two)
A. IP address
B. MAC address
C. Protocol IDs
D. Port numbers
E. URLs
Answer is A, E
12) Which Cisco solution secures the cloud users, data, and applications with the cloud-native CASB and cloud cybersecurity platform?
A. Cisco Umbrella
B. Cisco AppDynamics
C. Cisco Cloudlock
D. Cisco Stealthwatch
13) An engineer wants to assign a printer to a different VLAN than what is statically configured on the switch port. Which CoA type should the engineer use?
A. CoA-Terminate
B. No-CoA
C. Port-Bounce
D. CoA-Reauth
Answer is C
14) Which action configures the IEEE 802.1X Flexible Authentication feature to support Layer 3 authentication mechanisms?
A. Modify the Dot1X configuration on the VPN server to send Layer 3 authentications to an external authentication database.
B. Add MAB into the switch to allow redirection to a Layer 3 device for authentication.
C. Identify the devices using this feature and create a policy that allows them to pass Layer 2 authentication.
D. Configure WebAuth so the hosts are redirected to a web page for authentication.
Answer is D
15) An engineer is configuring DHCP snooping on a Cisco switch and wants to ensure
that a DHCP packet will be dropped. Under which condition will this occur?
A. A packet from a DHCP server is received from inside the network or firewall
B. A packet is received on an untrusted interface, and the source MAC address and the DHCP client hardware address do not match
C. A DHCP relay agent forwards a DHCP packet that includes a relay-agent IP address that is 0.0.0.0
D. All packets are dropped until the administrator manually enters the approved
servers into the DHCP snooping database
Answer is B
16) A network administrator is using the Cisco ESA with AMP to upload files to the cloud for analysis. The network is congested and is affecting communication. How will the Cisco ESA handle any files which need analysis?
A. The Cisco ESA immediately makes another attempt to upload the file
B. The file is abandoned
C. Cisco AMP calculates the SHA-256 fingerprint, caches it, and periodically
attempts the upload
D. The files are queued for upload when connectivity is restored
Answer is B
17) Which action adds IOCs to customize detections for a new attack?
A. Upload the IOCs into the installed Endpoint IOC feature within Cisco AMP for Endpoints.
B. Use the initiate Endpoint IOC scan feature to gather the IOC information and push it to the clients.
C. Modify the base policy within Cisco AMP for Endpoints to include simple custom detections.
D. Add a custom advanced detection to include the IOCs needed within Cisco AMP for Endpoints.
Answer is A
18) How can Cisco Tetration connect to something within a customer/3rd party network if the customer/3rd party network doesn't allow incoming connections?
A. Reverse tunnel
B. GRE tunnel
C. Source NAT
D. Destination NAT
Answer is A
19) How to connect Stealthwatch Cloud to an on-premises datacenter?
A. Public IP
B. Private IP
C. NAT ID
D. Unique key
Answer is B
20) Which platform besides the Cisco ASA should be deployed to provide content redirection using Direct-To-Tower methods without the need for the customer to send traffic using PAC files or third-party proxies?
A. Cisco ASR
B. Cisco ISR
C. Cisco WSA
D. Cisco CWS
Answer is D
21) An organization is using routers in their private cloud infrastructure. They must upgrade their code to address vulnerabilities within their running code version. Who is responsible for these upgrades?
A. The cloud vendor is responsible for updating all code hosted in the cloud
B. The cloud service provider must be asked to perform the upgrade
C. The organization must upgrade the code for the devices they manage
D. The CSR1000v is upgraded automatically as new code becomes available
Answer is A
22) Which action blocks a specific IP address whenever a computer with Cisco AMP for Endpoints installed connects to the network?
A. Create a simple custom detection policy and add the IP address
B. Create an application block list and add the IP address
C. Create an advanced custom detection policy and add the IP address
D. Create an IP Block & Allow list and add the IP address
Answer is D
23) A company has an infrastructure ACL policy on its perimeter router that denies RFC 1918 addresses, unused address ranges, any packets that use the IP address range that is assigned to the internal IP infrastructure, and 127.0.0.1. All these rules apply to incoming traffic from the internet. Which two attacks are prevented by using this method? (Choose two)
A. Losing the line protocol keep-alives and routing protocol updates
B. Spoofing the IP address of another customer to steal service
C. DoS attack that causes high CPU utilization
D. Gaining access to network devices using a spoofed address
E. Routing processor resource exhaustion
Answer B, D
24) Which two tasks are required when a decryption policy is implemented on a Cisco WSA? (Choose two)
A. Upload a root certificate and private key
B. Enable HTTPS attack protection
C. Enable real-time revocation status checking
D. Configure invalid certificate handling
E. Enable the HTTPS proxy
Answer is A, E
25) What is a difference between GRE over IPsec and IPsec with crypto map?
A. GRE over IPsec supports non-IP protocols
B. Multicast traffic is supported by IPsec with crypto map
C. GRE provides its own encryption mechanism
D. IPsec with crypto map offers better scalability
Answer is A
26) Which attack gives unauthorized access to files on the web server?
A. Broadcast storm
B. DHCP snooping
C. Distributed DoS
D. Path traversal
Answer is D
27) Which VPN provides scalability for organizations with many remote sites?
A. SSL VPN
B. Site-to-site IPsec
C. DMVPN
D. GRE over IPsec
Answer is C
28) When an assessment of cloud services and applications is conducted, which tool is used to show user activity and data usage across the applications?
A. Cisco ISE
B. Cisco ASA
C. Cisco AMP Private Cloud
D. Cisco Cloudlock
Answer is D
29) What are two examples of code injection vulnerabilities?
A. Session hijacking
B. Cross-site scripting
C. XML external entity injection
D. Arbitrary command injection
E. SQL injection
Answer is B, E
30) A network engineer must secure a Cisco switch from a MAC address flooding attack by allowing only the MAC address of the currently connected PC on port Gi1/0/28. Which Cisco IOS command must be run to check if that MAC address is currently known and is the only MAC address allowed on that port?
A. Show port-security
B. Show Port-security interface GigabitEthernet 1/0/28.
C. Show Port-security interface GigabitEthernet 1/0/28/
D. Show port-security address
Answer is B
31) Which problem is solved by deploying a multicontext firewall?
A. Overlapping IP addressing plan
B. Faster inspection
C. More secure policy
D. Resilient high availability design
Answer is A
32) What are two targets in cross-site scripting attacks?
A. Footer
B. Cookie
C. Image
D. Input
E. Header
Answer is B, D
33) An administrator wants to ensure that the organization’s remote access VPN devices
can connect to the VPN without the user logging into the devices. Which action
accomplishes this task?
A. Modify the Cisco AnyConnect Client image to start before logon and use the user's cached credentials for authentication.
B. Change the Cisco AnyConnect Connection Profile to allow for authentication prior to logon and use the user certificate for authentication.
C. Configure the Start Before Logon feature in the Cisco AnyConnect Client and use certificate authentication.
D. Add the Auto Connect feature in the Cisco AnyConnect Group Policy and use the machine certificate as the authentication identity.
Answer is C
34) Which type of API is being used when a security application notifies a controller within a software-defined network architecture about a specific threat?
A. Westbound API
B. Southbound API
C. Eastbound API
D. Northbound API
Answer is D
35) Which API technology with SDN architecture is used to communicate with a controller and network devices such as routers and switches?
A. Northbound APIs
B. Unprotected APIs
C. Southbound APIs
D. REST APIs
Answer is C
36) Which security mechanism is designed to protect against offline brute-force attacks?
A. Salt
B. CAPTCHA
C. MFA
D. Token
Answer is C
37) Which process is used to obtain a certificate from a CA?
A. Enrollment
B. Signing
C. Approval
D. Registration
Answer is A
38) Which two products are used to forecast capacity needs accurately in real time?
A. Cisco Workload Optimization Manager
B. Cisco Cloudlock
C. Cisco AppDynamics
D. Cisco Umbrella
E. Cisco Tetration
Answer is A, C
39) Which two algorithms must be used when an engineer is creating a connection that will have classified data across it? (Choose two)
A. SHA-384
B. RC4
C. RSA-3072
D. AES-256
E. ECDSA-256
Answer is A, D
40) Which common exploit method is TLS 1.3 designed to prevent?
A. Man-in-the-middle attack
B. Cross-site request forgery
C. Cross-site scripting
D. Denial-of-service attack
Answer is B
41) A website administrator wants to prevent SQL injection attacks on the company's customer database, which is referenced by the web server. Which two methods help prevent SQL injection attacks? (Choose two)
A. Using load balancers with NAT
B. Enforcing TLS 1.3 only
C. Using SSL certificates
D. Using web application firewalls
E. Performing input validation
Answer is D, E
42) Which two types of connectors are used to generate telemetry data from IPFIX records in a Cisco implementation? (Choose two)
A. ADC
B. ERSPAN
C. Cisco ASA
D. NetFlow
E. Cisco Secure Workload
Answer is B, D
43) An engineer is configuring a Cisco Cloud Email Security instance to send logs to an external server for auditing. For security purposes, a username and SSH key have been generated on the remote log server that accepts only the SSHv2 protocol. Which log retrieval method must be configured in the log subscription?
A. Syslog push
B. FTP push
C. Manually download
D. SCP push
Answer is D
44) A network administrator is setting up Cisco FMC to send logs to Cisco Security Analytics and Logging (SaaS). The network administrator is anticipating a high volume of logging events from the firewalls and wants to limit the strain on firewall resources. Which method must the administrator use to send these logs to Cisco Security Analytics and Logging?
A. SFTP using the FMC CLI
B. HTTP POST using the Security Analytics FMC plugin
C. Direct connection using SNMP traps
D. Syslog using the Secure Event Connector
Answer is D