Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Cisco® 350-701

Cisco® 350-701 Exam Practice Questions (P. 3)

  • Full Access (704 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
How does DNS Tunneling exfiltrate data?
  1. A
    An attacker registers a domain that a client connects to based on DNS records and sends malware through that connection.
  2. B
    An attacker opens a reverse DNS shell to get into the client's system and install malware on it.
  3. C
    An attacker sends an email to the target with hidden DNS resolvers in it to redirect them to a malicious domain.
  4. D
    An attacker uses a non-standard DNS port to gain access to the organization's DNS servers in order to poison the resolutions.

Correct Answer:
A
chatbot-img GPT-4o - Answer
The process of DNS tunneling for data exfiltration involves utilizing DNS queries and responses to covertly transfer data. Attackers establish a server and register a domain. Once malware is installed on a victim's computer, it uses DNS queries to communicate with the attacker-controlled server. These DNS requests, normally allowed through firewalls, carry encoded data to the domain where the server decodes it. This method effectively bypasses standard network defenses, making detection challenging. Essentially, it turns DNS into a channel for data leakage without establishing direct connections that can be easily traced.

Question #22
An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system's applications. Which vulnerability allows the attacker to see the passwords being transmitted in clear text?
  1. A
    unencrypted links for traffic
  2. B
    weak passwords for authentication
  3. C
    improper file security
  4. D
    software bugs on applications

Correct Answer:
A

Question #23
A user has a device in the network that is receiving too many connection requests from multiple machines. Which type of attack is the device undergoing?
  1. A
    SYN flood
  2. B
    slowloris
  3. C
    phishing
  4. D
    pharming

Correct Answer:
A

Question #24
Which two preventive measures are used to control cross-site scripting? (Choose two.)
  1. A
    Enable client-side scripts on a per-domain basis.
  2. B
    Incorporate contextual output encoding/escaping.
  3. C
    Disable cookie inspection in the HTML inspection engine.
  4. D
    Run untrusted HTML input through an HTML sanitization engine.
  5. E
    SameSite cookie attribute should not be used.

Correct Answer:
BD

Question #25
Which threat involves software being used to gain unauthorized access to a computer system?
  1. A
    ping of death
  2. B
    HTTP flood
  3. C
    NTP amplification
  4. D
    virus

Correct Answer:
D

Question #26
Which two capabilities does TAXII support? (Choose two.)
  1. A
    exchange
  2. B
    pull messaging
  3. C
    binding
  4. D
    correlation
  5. E
    mitigating

Correct Answer:
AB

Question #27
Which two conditions are prerequisites for stateful failover for IPsec? (Choose two.)
  1. A
    Only the IKE configuration that is set up on the active device must be duplicated on the standby device; the IPsec configuration is copied automatically.
  2. B
    The active and standby devices can run different versions of the Cisco IOS software but must be the same type of device.
  3. C
    The IPsec configuration that is set up on the active device must be duplicated on the standby device.
  4. D
    Only the IPsec configuration that is set up on the active device must be duplicated on the standby device; the IKE configuration is copied automatically.
  5. E
    The active and standby devices must run the same version of the Cisco IOS software and must be the same type of device.

Correct Answer:
CE
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnav/configuration/15-mt/sec-vpn-availability-15-mt-book/sec-state-fail-ipsec.html

Question #28
Which algorithm provides encryption and authentication for data plane communication?
  1. A
    AES-GCM
  2. B
    SHA-96
  3. C
    AES-256
  4. D
    SHA-384

Correct Answer:
A

Question #29
DRAG DROP -
Drag and drop the capabilities from the left onto the correct technologies on the right.
Select and Place:


Correct Answer:

Question #30
Which two key and block sizes are valid for AES? (Choose two.)
  1. A
    64-bit block size, 112-bit key length
  2. B
    64-bit block size, 168-bit key length
  3. C
    128-bit block size, 192-bit key length
  4. D
    128-bit block size, 256-bit key length
  5. E
    192-bit block size, 256-bit key length

Correct Answer:
CD
Reference:
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Previous Questions Next Questions

All Pages