Free Access Cisco.350-701.v2022-10-19.q571 Practice Test (Page 27)

Question 126

In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

A.when there is no need to have the solution centrally managed

B.when there is a need to have more advanced detection capabilities

C.when there is no firewall on the network

D.when there is a need for traditional anti-malware detection

Question 127

An engineer is configuring 802.1X authentication on Cisco switches in the network and is using CoA as a mechanism. Which port on the firewall must be opened to allow the CoA traffic to traverse the network?

A.TCP 6514

B.UDP 1700

C.TCP 49

D.UDP 1812

Question 128

An organization wants to secure data in a cloud environment. Its security model requires that all users be authenticated and authorized. Security configuration and posture must be continuously validated before access is granted or maintained to applications and dat a. There is also a need to allow certain application traffic and deny all other traffic by default. Which technology must be used to implement these requirements?

A.Virtual routing and forwarding

B.Microsegmentation

C.Access control policy

D.Virtual LAN

Question 129

What is a commonality between DMVPN and FlexVPN technologies?

A.FlexVPN and DMVPN use the new key management protocol, IKEv2

B.FlexVPN and DMVPN use IS-IS routing protocol to communicate with spokes

C.IOS routers run the same NHRP code for DMVPN and FlexVPN

D.FlexVPN and DMVPN use the same hashing algorithms

Question 130

An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

A.Set a trusted interface for the DHCP server

B.Set the DHCP snooping bit to 1

C.Add entries in the DHCP snooping database

D.Enable ARP inspection for the required VLAN