Cisco passguarantee ccnp Security 350-701 Updated Exam by Merryn q60 vce pdf

Page: 23 / 51

Exam Name:	Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)
Exam Code:	350-701 Dumps
Vendor:	Cisco	Certification:	CCNP Security
Questions:	688 Q&A's	Shared By:	merryn

Question 92

What must be configured in Cisco ISE to enforce reauthentication of an endpoint session when an endpoint is

deleted from an identity group?

Options:

posture assessment

CoA

external identity source

SNMP probe

Discussion

Question 93

What provides visibility and awareness into what is currently occurring on the network?

Options:

CMX

WMI

Prime Infrastructure

Telemetry

Discussion

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah Aug 27, 2024

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Ari

Can anyone explain what are these exam dumps and how are they?

Ocean Oct 16, 2024

They're exam preparation materials that are designed to help you prepare for various certification exams. They provide you with up-to-date and accurate information to help you pass your exams.

Fatima

Hey I passed my exam. The world needs to know about it. I have never seen real exam questions on any other exam preparation resource like I saw on Cramkey Dumps.

Niamh Oct 15, 2024

That's true. Cramkey Dumps are simply the best when it comes to preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.

Freddy

I passed my exam with flying colors and I'm confident who will try it surely ace the exam.

Aleksander Sep 26, 2024

Thanks for the recommendation! I'll check it out.

Faye

Yayyyy. I passed my exam. I think all students give these dumps a try.

Emmeline Sep 12, 2024

Definitely! I have no doubt new students will find them to be just as helpful as I did.

Question 94

An organization is receiving SPAM emails from a known malicious domain. What must be configured in order to

prevent the session during the initial TCP communication?

Options:

Configure the Cisco ESA to drop the malicious emails

Configure policies to quarantine malicious emails

Configure policies to stop and reject communication

Configure the Cisco ESA to reset the TCP connection

Discussion

Answer:

Explanation:

The best way to prevent the session during the initial TCP communication is to configure policies to stop and reject communication from the known malicious domain. This will prevent the ESA from accepting any messages from that domain and send a negative SMTP response code back to the sender. This will also save the ESA’s resources and bandwidth, as it will not have to process or store the malicious emails. This can be done by creating a sender group in the Host Access Table (HAT) that matches the malicious domain and setting the mail flow policy to “Reject” or “Throttle”. Alternatively, a message filter can be created that checks the envelope sender against the malicious domain and applies the “stop_connection” or “reject_connection” action12.

The other options are not as effective as stopping and rejecting the communication at the TCP level. Configuring the Cisco ESA to drop the malicious emails (option A) will still allow the ESA to accept the messages and then silently discard them, which will consume the ESA’s resources and bandwidth, and also not notify the sender of the rejection. Configuring policies to quarantine malicious emails (option B) will also require the ESA to accept and store the messages, which will take up disk space and require manual or automated management of the quarantine. Configuring the Cisco ESA to reset the TCP connection (option D) will abruptly terminate the connection without sending a proper SMTP response code, which may cause the sender to retry the delivery and generate more traffic. Resetting the TCP connection is also considered a less polite and less compliant way of rejecting messages than sending a negative SMTP response code34. References: 1: How to Block a Sender Domain on the Email Security Appliance 2: Message Filters on the Cisco Email Security Appliance 3: How to Configure the Cisco Email Security Appliance to Reject or Drop Messages 4: Cisco Email Security Appliance User Guide - Configuring Mail Policies

Question 95

Which functions of an SDN architecture require southbound APIs to enable communication?

Options:

SDN controller and the network elements

management console and the SDN controller

management console and the cloud

SDN controller and the cloud