350-701 Free Practice Test

- (Exam Topic 1)
Under which two circumstances is a CoA issued? (Choose two)

1. A. A new authentication rule was added to the policy on the Policy Service node.
2. B. An endpoint is deleted on the Identity Service Engine server.
3. C. A new Identity Source Sequence is created and referenced in the authentication policy.
4. D. An endpoint is profiled for the first time.
5. E. A new Identity Service Engine server is added to the deployment with the Administration persona

Correct Answer: BD
The profiling service issues the change of authorization in the following cases:– Endpoint deleted—When an endpoint is deleted from the Endpoints page and the endpoint is disconnectedor removed from the network.An exception action is configured—If you have an exception action configured per profile that leads to anunusual or an unacceptable event from that endpoint. The profiling service moves the endpoint to thecorresponding static profile by issuing a CoA.– An endpoint is profiled for the first time—When an endpoint is not statically assigned and profiled for the first time; for example, the profile changes from an unknown to a known profile.+ An endpoint identity group has changed—When an endpoint is added or removed from an endpoint identity group that is used by an authorization policy.The profiling service issues a CoA when there is any change in an endpoint identity group, and the endpoint identity group is used in the authorization policy for the following:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide

- (Exam Topic 1)
Which two risks is a company vulnerable to if it does not have a well-established patching solution for endpoints? (Choose two)

1. A. exploits
2. B. ARP spoofing
3. C. denial-of-service attacks
4. D. malware
5. E. eavesdropping

Correct Answer: AD
Malware means “malicious software”, is any software intentionally designed to cause damage to a computer, server, client, or computer network. The most popular types of malware includes viruses, ransomware and spyware. Virus Possibly the most common type of malware, viruses attach their malicious code to clean code and wait to be run.
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.Spyware is spying software that can secretly record everything you enter, upload, download, and store on your computers or mobile devices. Spyware always tries to keep itself hidden.An exploit is a code that takes advantage of a software vulnerability or security flaw.Exploits and malware are two risks for endpoints that are not up to date. ARP spoofing and eavesdropping are attacks against the network while denial-of-service attack is based on the flooding of IP packets.

- (Exam Topic 1)
Which form of attack is launched using botnets?

1. A. EIDDOS
2. B. virus
3. C. DDOS
4. D. TCP flood

Correct Answer: C
A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them.Cyber criminals use botnets to instigate botnet attacks, which include malicious activities such as credentialsleaks, unauthorized access, data theft and DDoS attacks.

- (Exam Topic 3)
What is a function of Cisco AMP for Endpoints?

1. A. It detects DNS attacks
2. B. It protects against web-based attacks
3. C. It blocks email-based attacks
4. D. It automates threat responses of an infected host

Correct Answer: D

- (Exam Topic 3)
Which MDM configuration provides scalability?

1. A. pushing WPA2-Enterprise settings automatically to devices
2. B. enabling use of device features such as camera use
3. C. BYOD support without extra appliance or licenses
4. D. automatic device classification with level 7 fingerprinting

Correct Answer: C