Cisco Updated 350-701 Exam Questions and Answers by kaya

One of the main reasons why a user would choose an on-premises ESA versus the CES solution is to have more control over the sensitive data that flows through the email system. With an on-premises ESA, the user can ensure that the data is stored and processed within their own network and data center, and that they comply with any regulatory or organizational requirements for data security and privacy. With a CES solution, the user would have to trust Cisco to handle the data in their cloud infrastructure, and to adhere to the service level agreements and security policies that are agreed upon. Some users may not be comfortable with this level of outsourcing, especially if they have strict data governance or compliance needs12. References: 1: Physical ESA vs Cloud ESA - Cisco Community 2: Cisco Email Security Appliance - Data Sheet

 To prevent rogue NTP servers from inserting themselves as the authoritative time source, the administrator needs to configure NTP authentication and specify the interface for syncing to the NTP server. NTP authentication allows the ASA to verify the identity and integrity of the NTP packets received from the server, using a shared secret key. Specifying the interface for syncing to the NTP server ensures that the ASA uses the correct source address for sending and receiving NTP packets, and avoids potential routing issues. The other options are not required or relevant for this task. Specifying the NTP version is optional and does not affect security. Configuring the NTP stratum is only applicable for NTP servers, not clients. The ASA can only act as an NTP client, not a server. Setting the NTP DNS hostname is not recommended, as it introduces a dependency on DNS resolution and may cause synchronization problems if the DNS server changes the IP address of the NTP server. References :=

Some possible references are:

Configure NTP Authentication on Secure Network Analytics

CLI Book 1: Cisco ASA Series General Operations CLI Configuration Guide, 9.6 - Basic Settings

Cisco ASA NTP and Clock Configuration with Examples

 Cisco Duo is a cloud-based solution that provides multi-factor authentication (MFA) and device trust for secure access to applications and data. MFA adds an extra layer of security by requiring users to verify their identity with something they know (such as a password) and something they have (such as a phone or a hardware token). Device trust ensures that only trusted devices can access sensitive resources by checking the device health and compliance. Cisco Duo can help prevent social engineering attacks by making it harder for hackers to impersonate legitimate users or compromise their credentials. Cisco Duo can also integrate with other Cisco security products, such as Cisco AnyConnect, Cisco AMP for Endpoints, and Cisco Umbrella, to provide a comprehensive security solution. References :=

Cisco Duo Security

Cisco Duo: Multi-Factor Authentication

Cisco Duo: Device Trust

Cisco Security Core Technologies SCOR