Cisco Updated 350-701 Exam Questions and Answers by jasmin

DevSecOps is a development practice that integrates security into all phases of the software development lifecycle, from initial design through integration, testing, deployment, and software delivery. DevSecOps focuses on application development, as it aims to deliver secure and robust applications that meet the customers’ needs and expectations. DevSecOps also makes security a shared responsibility of development, security, and operations teams, rather than a separate silo. DevSecOps enables faster and safer software delivery by automating security processes and tools, and addressing security issues as they emerge, rather than at the end of the cycle.

References :=

Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0, Module 6: Securing the Data Center, Lesson 6.2: DevSecOps

What Is DevSecOps? Definition and Best Practices | Microsoft Security

What is DevSecOps? | IBM

What is DevSecOps? | DevSecOps vs. DevOps | VMware

create an application control blocked applications list. This option allows you to specify a list of files that you want to prevent from running on the endpoints that have the AMP connector installed. The files are identified by their SHA-256 hashes, and you can upload them individually or in a batch. The files are not quarantined, but they are blocked from execution and reported as events in the AMP console1. This option is different from the simple custom detection list, which is used to detect and quarantine specific files that are considered malicious2. The advanced custom detection list is also used to detect and quarantine files, but it allows you to specify more criteria such as file size, file name, and file path3. The IP block and allow lists are used to control the network traffic to and from the endpoints, not the file execution4. References: 1: Configure Application Control on the AMP for Endpoints Portal 2: Configure a Simple Custom Detection List on the AMP for Endpoints Portal 3: [Configure an Advanced Custom Detection List on the AMP for Endpoints Portal] 4: [Configure IP Block and Allow Lists on the AMP for Endpoints Portal]

 NetFlow is a protocol that collects and exports information about network traffic flows. NetFlow Version 9 is the latest version supported by the Cisco ASA 5500 Series firewall. To enable NetFlow on the ASA, you need to perform two main tasks: define a NetFlow collector and apply NetFlow exporter to an interface. A NetFlow collector is a device or application that receives and processes the NetFlow records sent by the ASA. You can define a NetFlow collector by using the flow-export command, which specifies the IP address, port number, and interface of the collector. A NetFlow exporter is a configuration that determines which traffic flows are monitored and exported by the ASA. You can apply NetFlow exporter to an interface by using the Modular Policy Framework (MPF), which allows you to create class maps and policy maps to match and act on interesting traffic. You can use the flow-export event-type option in the policy map to select the NetFlow events that you want to export. The other options (B, C, and D) are not required or correct for enabling NetFlow on the ASA. You do not need to create an ACL to allow UDP traffic on port 9996, because the ASA uses a random high port number to send NetFlow records to the collector. You do not need to apply NetFlow exporter to the outside interface in the inbound direction, because you can apply it to any interface and direction that you want to monitor. You do not need to create a class map to match interesting traffic, because the ASA monitors all traffic flows by default, unless you filter them by using the flow-export filters command. References:

Cisco Secure Firewall ASA NetFlow Implementation Guide, section “About NSEL”

Cisco Secure Firewall ASA NetFlow Implementation Guide, section “Configure NSEL Collectors (CLI)”

Cisco Secure Firewall ASA NetFlow Implementation Guide, section “Configure Flow-Export Actions Through Modular Policy Framework”

Configuring NetFlow on ASA with ASDM, section “Enabling NetFlow on ASA”