Exactprep 350-701 Questions

Explanation

Explanation

If sysopt permit-vpn is not enabled then an access control policy must be created to allow the VPN traffic through the FTD device. If sysopt permit-vpn is enabled skip creating an access control policy.

The Cisco Stealthwatch system collects and analyzes network telemetry such as flow (NetFlow, sFlow, JFlow, IPFIX, etc.) from routers, switches, and firewalls to monitor network and user behavior. The system conducts sophisticated, proprietary analytics on network data to automatically detect abnormal behaviors that may signify an attack1. NetFlow is a protocol that provides information about network traffic flows, such as source and destination IP addresses, ports, protocols, bytes, packets, and timestamps. NetFlow data can be used to identify network anomalies, bandwidth usage, application performance, and security incidents2. References :=

Some possible references are:

1: Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics, Zones, 3 2: What is NetFlow? Definition and Benefits, Cisco, 7

The Cloudlock Apps Firewall is a feature of Cisco Cloudlock, which is a cloud-native cloud access security broker (CASB) that helps organizations move to the cloud safely. The Cloudlock Apps Firewall mitigates security concerns from an application perspective by discovering and controlling cloud apps that are connected to a company’s corporate environment, such as Google G Suite or Microsoft Azure Active Directory (AD). These cloud apps are authorized through OAuth to access corporate data and resources via APIs, and may pose risks such as data exfiltration, account compromise, or malicious behavior. The Cloudlock Apps Firewall provides visibility into the app ecosystem, including the app name, category, risk level, access scopes, and number of users. It also allows administrators to ban or allowlist apps based on their risk profile and compliance requirements. Additionally, the Cloudlock Apps Firewall leverages a crowd-sourced Community Trust Rating for each app, which reflects the feedback from other Cloudlock customers on the app’s security and functionality. References :=

Cisco Content Security Products

Cisco Cloudlock - Cisco

Shadow IT Control with Apps Firewall - Cisco

Test scor q151 - q200

Network telemetry is a technology that allows network devices to push data to a collector in real time, rather than waiting for the collector to pull data from them. This improves the efficiency and accuracy of data collection, and enables the monitoring of a large number of network devices. SNMP, on the other hand, is a protocol that uses a pull model, where the collector requests data from the devices periodically. This can cause delays, gaps, and overhead in data collection, and limit the scalability of network monitoring. Therefore, network telemetry has an advantage over SNMP pulls in terms of scalability. References:

What Is Telemetry? Telemetry vs. SNMP - Huawei

Streaming telemetry challenges SNMP in large, complex networks

Network streaming telemetry: Monitoring in “real-time” - Paessler

An Overview of Network Telemetry - Geek Speak - Resources - THWACK