Win IT Exam with Last Dumps 2023


Cisco 350-701 Exam

Page 13/22
Viewing Questions 121 130 out of 220 Questions
59.09%

Question 121
When configuring ISAKMP for IKEv1 Phase 1 on a Cisco IOS router, an administrator needs to input the command crypto isakmp key cisco address 0.0.0.0.The administrator is not sure what the IP address in this command is used for. What would be the effect of changing the IP address from 0.0.0.0 to 1.2.3.4?
A. The key server that is managing the keys for the connection will be at 1.2.3.4.
B. The address that will be used as the crypto validation authority.
C. All IP addresses other than 1.2.3.4 will be allowed.
D. The remote connection will only be allowed from 1.2.3.4.

Question 122
A network administrator is configuring SNMPv3 on a new router. The users have already been created, however an additional configuration is needed to facilitate access to the SNMP views. What must the administrator do to accomplish this?
A. define the encryption algorithm to be used by SNMPv3
B. set the password to be used for SNMPv3 authentication
C. map SNMPv3 users to SNMP views
D. specify the UDP port used by SNMP

Question 123
DRAG DROP -Drag and drop the NetFlow export formats from the left onto the descriptions on the right.Select and Place:
Image 350-701_123Q.png related to the Cisco 350-701 Exam
Image 350-701_123R.png related to the Cisco 350-701 Exam

Question 124
Refer to the exhibit. When configuring a remote access VPN solution terminating on the Cisco ASA, an administrator would like to utilize an external token authentication mechanism in conjunction with AAA authentication using machine certificates. Which configuration item must be modified to allow this?
Image 350-701_124Q.png related to the Cisco 350-701 Exam
A. Method
B. SAML Server
C. AAA Server Group
D. Group Policy

Question 125
An administrator is trying to determine which applications are being used in the network but does not want the network devices to send metadata to CiscoFirepower. Which feature should be used to accomplish this?
A. Network Discovery Most Voted
B. Access Control
C. Packet Tracer
D. NetFlow

Question 126
An engineer is implementing NTP authentication within their network and has configured both the client and server devices with the command ntp authentication-key 1 md5 Cisc392481137. The server at 1.1.1.1 is attempting to authenticate to the client at 1.1.1.2, however is unable to do so. Which command is required to enable the client to accept the server's authentication key?
A. ntp server 1.1.1.2 key 1
B. ntp peer 1.1.1.2 key 1
C. ntp server 1.1.1.1 key 1 Most Voted
D. ntp peer 1.1.1.1 key 1

Question 127
Due to a traffic storm on the network, two interfaces were error-disabled, and both interfaces sent SNMP traps. Which two actions must be taken to ensure that interfaces are put back into service? (Choose two.)
A. Enable the snmp-server enable traps command and wait 300 seconds.
B. Use EEM to have the ports return to service automatically in less than 300 seconds
C. Ensure that interfaces are configured with the error-disable detection and recovery feature.
D. Have Cisco Prime Infrastructure issue an SNMP set command to re-enable the ports after the preconfigured interval.
E. Enter the shutdown and no shutdown commands on the interfaces.

Question 128
Refer to the exhibit. An administrator is adding a new Cisco FTD device to their network and wants to manage it with Cisco FMC. The Cisco FTD uses a registration key of Cisc392481137 and is not behind a NAT device. Which command is needed to enable this on the Cisco FTD?
Image 350-701_128Q.png related to the Cisco 350-701 Exam
A. configure manager add 16
B. configure manager add DONTRESOLVE FTD123
C. configure manager add Most Voted
D. configure manager add DONTRESOLVE

Question 129
A network administrator needs to find out what assets currently exist on the network. Third-party systems need to be able to feed host data into Cisco Firepower.What must be configured to accomplish this?
A. a Network Analysis policy to receive NetFlow data from the host
B. a File Analysis policy to send file data into Cisco Firepower
C. a Network Discovery policy to receive data from the host
D. a Threat Intelligence policy to download the data from the host

Question 130
Which suspicious pattern enables the Cisco Tetration platform to learn the normal behavior of users?
A. file access from a different user
B. user login suspicious behavior
C. privilege escalation
D. interesting file access