350-701 Free Practice Test

- (Exam Topic 3)
An engineer adds a custom detection policy to a Cisco AMP deployment and encounters issues with the configuration. The simple detection mechanism is configured, but the dashboard indicates that the hash is not 64 characters and is non-zero. What is the issue?

1. A. The engineer is attempting to upload a hash created using MD5 instead of SHA-256
2. B. The file being uploaded is incompatible with simple detections and must use advanced detections
3. C. The hash being uploaded is part of a set in an incorrect format
4. D. The engineer is attempting to upload a file instead of a hash

Correct Answer: A

- (Exam Topic 1)
Which two deployment modes does the Cisco ASA FirePower module support? (Choose two)

1. A. transparent mode
2. B. routed mode
3. C. inline mode
4. D. active mode
5. E. passive monitor-only mode

Correct Answer: CD
Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/asdm72/firewall/asa-firewall-asdm/modules-sfr.html

- (Exam Topic 2)
Which component of Cisco umbrella architecture increases reliability of the service?

1. A. Anycast IP
2. B. AMP Threat grid
3. C. Cisco Talos
4. D. BGP route reflector

Correct Answer: C

- (Exam Topic 1)
Which two behavioral patterns characterize a ping of death attack? (Choose two)

1. A. The attack is fragmented into groups of 16 octets before transmission.
2. B. The attack is fragmented into groups of 8 octets before transmission.
3. C. Short synchronized bursts of traffic are used to disrupt TCP connections.
4. D. Malformed packets are used to crash systems.
5. E. Publicly accessible DNS servers are typically used to execute the attack.

Correct Answer: BD
Ping of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash,destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.A correctly-formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered,and 84 including Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documentedLike other large but well-formed packets, a ping of death is fragmented into groups of 8 octets beforetransmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.

- (Exam Topic 2)
A Cisco ESA network administrator has been tasked to use a newly installed service to help create policy based on the reputation verdict. During testing, it is discovered that the Cisco ESA is not dropping files that have an undetermined verdict. What is causing this issue?

1. A. The policy was created to send a message to quarantine instead of drop
2. B. The file has a reputation score that is above the threshold
3. C. The file has a reputation score that is below the threshold
4. D. The policy was created to disable file analysis

Correct Answer: D
Maybe the “newly installed service” in this Qmentions about Advanced Malware Protection (AMP) which can be used along with ESA. AMP allows superior protection across the attack continuum.+ File Reputation – captures a fingerprint of each file as it traverses the ESA and sends it to AMP’s cloudbased intelligence network for a reputation verdict. Given these results, you can automatically block malicious files and apply administrator-defined policy.+ File Analysis – provides the ability to analyze unknown files that are traversing the ESA. A highly secure sandbox environment enables AMP to glean precise details about the
file’s behavior and to combine that data with detailed human and machine analysis to determine the file’s threat level. This disposition is then fed into AMP cloud-based intelligence network and used to dynamically update and expand the AMP cloud data set for enhanced protection