Download Implementing and Operating Cisco Security Core Technologies.350-701.CertDumps.2024-11-28.233q.vcex

ProfExam Suite - Black Friday
Vendor: Cisco
Exam Code: 350-701
Exam Name: Implementing and Operating Cisco Security Core Technologies
Date: Nov 28, 2024
File Size: 4 MB
Downloads: 1
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
  1. smurf
  2. distributed denial of service
  3. cross-site scripting
  4. rootkit exploit
Correct answer: C
Explanation:
cross-site scripting is a correct answer.
cross-site scripting is a correct answer.
Question 2
What is the difference between deceptive phishing and spear phishing?
  1. Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
  2. A spear phishing campaign is aimed at a specific person versus a group of people.
  3. Spear phishing is when the attack is aimed at the C-level executives of an organization.
  4. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a falsewebpage.
Correct answer: B
Explanation:
A spear phishing campaign is aimed at a specific person versus a group of people.
A spear phishing campaign is aimed at a specific person versus a group of people.
Question 3
Which two behavioral patterns characterize a ping of death attack? (Choose two.)
  1. The attack is fragmented into groups of 16 octets before transmission.
  2. The attack is fragmented into groups of 8 octets before transmission.
  3. Short synchronized bursts of traffic are used to disrupt TCP connections.
  4. Malformed packets are used to crash systems.
  5. Publicly accessible DNS servers are typically used to execute the attack.
Correct answer: BD
Explanation:
Reference:https://en.wikipedia.org/wiki/Ping_of_death
Reference:
https://en.wikipedia.org/wiki/Ping_of_death
Question 4
Which two mechanisms are used to control phishing attacks? (Choose two.)
  1. Enable browser alerts for fraudulent websites.
  2. Define security group memberships.
  3. Revoke expired CRL of the websites.
  4. Use antispyware software.
  5. Implement email filtering techniques.
Correct answer: AE
Explanation:
Enable browser alerts for fraudulent websites.Implement email filtering techniques.
Enable browser alerts for fraudulent websites.
Implement email filtering techniques.
Question 5
What are two rootkit types? (Choose two.)
  1. registry
  2. buffer mode
  3. user mode
  4. bootloader
  5. virtual
Correct answer: CD
Explanation:
1. Kernel rootkit2. Hardware or firmware rootkit3. Hyper-V rootkits4. Bootloader rootkit or bootkit5. Memory rootkit6. User-mode or application rootkit
1. Kernel rootkit
2. Hardware or firmware rootkit
3. Hyper-V rootkits
4. Bootloader rootkit or bootkit
5. Memory rootkit
6. User-mode or application rootkit
Question 6
How is DNS tunneling used to exfiltrate data out of a corporate network?
  1. It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers
  2. It encodes the payload with random characters that are broken into short strings and the DNS server rebuildsthe exfiltrated data
  3. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damageand theft on the network
  4. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information orstart other attacks
Correct answer: B
Explanation:
It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data
It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data
Question 7
Which type of attack is social engineering?
  1. trojan
  2. MITM
  3. phishing
  4. malware
Correct answer: C
Explanation:
phishing is a correct answer.
phishing is a correct answer.
Question 8
What are two DDoS attack categories? (Choose two.)
  1. protocol
  2. source-based
  3. database
  4. sequential
  5. volume-based
Correct answer: AE
Explanation:
Answer A and E. There are three different general categories of DDoS attacks:Volume-based DDoS attacksApplication DDoS attacksLow-rate DoS (LDoS) attackshttps://tools.cisco.com/security/center/resources/guide_ddos_defense.html
Answer A and E. 
There are three different general categories of DDoS attacks:
Volume-based DDoS attacks
Application DDoS attacks
Low-rate DoS (LDoS) attacks
https://tools.cisco.com/security/center/resources/guide_ddos_defense.html
Question 9
In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?
  1. man-in-the-middle
  2. LDAP injection
  3. insecure API
  4. cross-site scripting
Correct answer: A
Explanation:
man-in-the-middle is a correct answer.
man-in-the-middle is a correct answer.
Question 10
Which two preventive measures are used to control cross-site scripting? (Choose two.)
  1. Enable client-side scripts on a per-domain basis.
  2. Incorporate contextual output encoding/escaping.
  3. Disable cookie inspection in the HTML inspection engine.
  4. Run untrusted HTML input through an HTML sanitization engine.
  5. SameSite cookie attribute should not be used.
Correct answer: BD
Explanation:
https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_inputBandD
https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_inputBandD
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!