Cisco Updated 350-701 Exam Questions and Answers by shanaya

DNS-layer security is a method of protecting users from cyberthreats by blocking malicious or risky domains before a connection is established. Cisco Umbrella is a cloud-based service that provides DNS-layer security by using Cisco Talos threat intelligence to filter DNS requests and prevent access to malicious domains. Cisco Umbrella also offers other security features, such as web filtering, cloud-delivered firewall, secure web gateway, and cloud access security broker. Cisco Umbrella can protect users on and off the corporate network, regardless of their location or device. Cisco Umbrella is compatible with other Cisco security solutions, such as Cisco ISE, Cisco FTD, and Cisco ASA, but it is the only one that offers DNS-layer security as a core capability. References:

What Is DNS Security? How Does It Work? - Cisco Umbrella

Why Umbrella DNS Security? - Cisco Umbrella

According to the NIST 800-145 guide1, a community cloud is a cloud infrastructure that is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises. A community cloud differs from a private cloud, which is provisioned for exclusive use by a single organization, and a public cloud, which is provisioned for open use by the general public. A hybrid cloud is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds). References := 1: NIST SP 800-145, The NIST Definition of Cloud Computing, page 3.

Time synchronization is one of the features that can be configured for managed devices in the device platform settings of the Firepower Management Center (FMC). Time synchronization ensures that the FMC and its managed devices have the same date and time settings, which is important for accurate event logging and reporting. The FMC can act as a Network Time Protocol (NTP) server for its managed devices, or it can use an external NTP server as a time source1. The FMC can also synchronize its time with the system clock of the device where it is installed2. References := 1: Firepower Management Center Device Configuration Guide, 7.1 - Platform Settings 2: Firepower Management Center Configuration Guide, Version 6.6 - Device Management Basics

Web usage controls are a feature of Cisco Web Security Appliance (WSA) that allow administrators to define and enforce policies for web access based on URL categories. URL categories are groups of websites that share a common theme or content, such as news, sports, entertainment, etc. Cisco WSA uses the Cisco Dynamic Content Analysis Engine and the Talos Security Intelligence and Research Group to provide accurate and up-to-date URL categorization. Administrators can use the web usage controls to allow, block, warn, or monitor web requests based on the URL category of the destination website. They can also create custom URL categories to include or exclude specific domains or URLs from the predefined categories. Web usage controls help administrators to control web traffic, enhance security, improve productivity, and comply with regulatory and organizational requirements. References :=

Some possible references are:

Web Usage Controls - Cisco Web Security Appliance User Guide, Cisco

Cisco Web Usage Control Filtering Categories Data Sheet, Cisco

Define Custom URL Categories in WSA, Cisco