Free Access Cisco.350-701.v2023-08-01.q405 Practice Test (Page 6)

Question 21

An administrator is configuring a DHCP server to better secure their environment. They need to be able to ratelimit the traffic and ensure that legitimate requests are not dropped. How would this be accomplished?

A.Set a trusted interface for the DHCP server

B.Set the DHCP snooping bit to 1

C.Add entries in the DHCP snooping database

D.Enable ARP inspection for the required VLAN

Question 22

An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

A.Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.

B.Set up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before allowing access on the network.

C.Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion

D.Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.

E.Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.

Question 23

Refer to the exhibit.

What will occur when this device tries to connect to the port?

A.802 1X will work and the device will be allowed on the network

B.802.1X will not work, but MAB will start and allow the device on the network.

C.802 1X and MAB will both be used and ISE can use policy to determine the access level

D.802.1X will not work and the device will not be allowed network access

Question 24

An administrator is trying to determine which applications are being used in the network but does not want the network devices to send metadata to Cisco Firepower. Which feature should be used to accomplish this?

A.NetFlow

B.Packet Tracer

C.Network Discovery

D.Access Control

Question 25

An organization has two systems in their DMZ that have an unencrypted link between them for communication. The organization does not have a defined password policy and uses several default accounts on the systems. The application used on those systems also have not gone through stringent code reviews. Which vulnerability would help an attacker brute force their way into the systems?

A.missing encryption

B.weak passwords

C.lack of input validation

D.lack of file permission

Other Version: 2675Cisco.350-701.v2025-10-04.q562; 1668Cisco.350-701.v2025-06-19.q238; 2606Cisco.350-701.v2024-12-18.q472; 3937Cisco.350-701.v2023-05-04.q372; 2855Cisco.350-701.v2023-03-16.q218; 8062Cisco.350-701.v2022-10-19.q571; 8228Cisco.350-701.v2022-07-08.q453; 4667Cisco.350-701.v2022-02-02.q204; 116Cisco.Prepawaypdf.350-701.v2021-12-15.by.ellen.316q.pdf

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 290Nokia.4A0-113.v2026-05-01.q69; 246EC-COUNCIL.312-49v11.v2026-04-30.q214; 226Microsoft.MB-820.v2026-04-30.q101; 204Salesforce.MC-202.v2026-04-30.q57; 203BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 454EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File