Cisco Updated 350-701 Exam Questions and Answers by kaya

The intelligent proxy is a feature of Cisco Umbrella that allows it to selectively inspect and proxy web requests for domains that are classified as risky or potentially malicious. These domains may contain both safe and harmful content, and the intelligent proxy can filter out the malicious files or URLs while allowing the benign ones to pass through. The intelligent proxy can also apply SSL decryption to inspect encrypted traffic and enforce policies based on the content or destination of the web requests. To enable the intelligent proxy, an engineer needs to configure it within the Cisco Umbrella dashboard and select the categories of domains that should be proxied. The categories are based on the domain reputation and security risk, and range from High Risk to Low Risk. The engineer can also customize the list of domains to include or exclude from the intelligent proxy. By configuring the intelligent proxy, the engineer can achieve the objectives of identifying and proxying traffic that is categorized as risky domains and may contain safe and malicious content. References :=

Some possible references are:

• Enable the Intelligent Proxy - Umbrella User Guide, Cisco
• Manage the Intelligent Proxy - Umbrella User Guide, Cisco
• Intelligent Proxy in Cisco Umbrella how it works, Cisco Learning Network
• What is the Intelligent Proxy? - MSP User Guide, Cisco
• Cisco Umbrella Intelligent Proxy and SSL Decryption implementation, Cisco Community

Add the DNS entry for the new Cisco ISE node into the DNS server. This is because the fully qualified domain name (FQDN) of the new Cisco ISE node, for example, ise1.cisco.com, must be DNS-resolvable from the primary Administration ISE node. Otherwise, node registration will fail. The DNS server must contain the IP addresses and FQDNs of the ISE nodes that are part of the distributed deployment1.

The other options are incorrect because:

• Changing the IP address of the new Cisco ISE node to the same network as the others is not necessary, as long as the nodes can communicate with each other over the network.
• Making the new Cisco ISE node a secondary PAN before registering it with the primary is not possible, as the node must be registered first before changing its persona or role.
• Opening port 8905 on the firewall between the Cisco ISE nodes is not required, as this port is used for communication between the primary and secondary Monitoring ISE nodes, not for node registration.

References:

• Setting Up Cisco ISE in a Distributed Environment
• ISE node registering after change domain-name
• FQDN IN ISE

The Python script is using the dnac_login function to authenticate to a Cisco DNA Center server and obtain a token that can be used for subsequent API calls. The function takes three parameters: host, username, and password. It constructs a URL for the authentication endpoint, which is https://{}/api/system/v1/auth/token . It then uses the requests library to send a POST HTTP request to the URL, passing the username and password as HTTP Basic Authentication credentials, and setting the headers to indicate the expected content type and response format. The function also disables the SSL verification by setting the verify parameter to False. This is not recommended for production environments, as it exposes the script to potential security risks. The function then returns the token value from the JSON response, which is accessed by using the response.json()["Token"] syntax. The token can then be used as a bearer token for subsequent API calls to the Cisco DNA Center server. References:

• Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0, Module 9: Content Security, Lesson 9.3: Cisco DNA Center APIs
• Cisco DNA Center Platform API Reference, Authentication API
• Refer to the exhibit. What will happen when the Python script is executed?

A next-generation endpoint security solution is a modern approach of combining user and system behavior analytics with AI and machine learning to provide endpoint security12. These solutions are specifically designed to detect unknown malware and zero-day threats, which other non-next-generation solutions might fail to detect3. Two key deliverables that help justify the implementation of a next-generation endpoint security solution are:

• Continuous monitoring of all files that are located on connected endpoints. This feature allows the solution to scan and analyze all files on the endpoints, regardless of their origin or type, and identify any malicious or suspicious behavior. This helps to prevent malware from infecting the endpoints or spreading to other devices on the network4.
• Real-time feeds from global threat intelligence centers. This feature enables the solution to leverage the latest information and insights from various sources, such as security researchers, vendors, and customers, to detect and block new and emerging threats. This helps to keep the endpoints updated and protected from the most advanced and sophisticated attacks5.

References := 1: Overview of next-generation protection in Microsoft Defender for Endpoint 2: What Is Next-Generation Endpoint Security? 2024 Ultimate Guide - SelectHub 3: [Next