Free Access to Cisco.350-701.v2025-02-21.q424 with Valid Practice Test (Page 22)

Question 101

A switch with Dynamic ARP Inspection enabled has received a spoofed ARP response on a trusted interface.
How does the switch behave in this situation?

A.It forwards the packet after validation by using the MAC Binding Table.
B.It drops the packet after validation by using the IP & MAC Binding Table.
C.It forwards the packet without validation.
D.It drops the packet without validation.

Question 102

Why should organizations migrate to an MFA strategy for authentication?

A.MFA does not require any piece of evidence for an authentication mechanism.
B.Biometrics authentication leads to the need for MFA due to its ability to be hacked easily.
C.MFA methods of authentication are never compromised.
D.Single methods of authentication can be compromised more easily than MFA.

Question 103

An organization is implementing URL blocking using Cisco Umbrella. The users are able to go to some sites but other sites are not accessible due to an error. Why is the error occurring?

A.Client computers do not have the Cisco Umbrella Root CA certificate installed.
B.IP-Layer Enforcement is not configured.
C.Client computers do not have an SSL certificate deployed from an internal CA server.
D.Intelligent proxy and SSL decryption is disabled in the policy

Question 104

Which proxy mode must be used on Cisco WSA to redirect TCP traffic with WCCP?

A.transparent
B.redirection
C.forward
D.proxy gateway

Question 105

An attacker needs to perform reconnaissance on a target system to help gain access to it. The system has weak passwords, no encryption on the VPN links, and software bugs on the system's applications. Which vulnerability allows the attacker to see the passwords being transmitted in clear text?

A.weak passwords for authentication
B.improper file security
C.software bugs on applications
D.unencrypted links for traffic

Question 101

Question 102

Question 103

Question 104

Question 105

Download PDF File