Share your SCOR Experience
February 23rd, 2020
Go to comments
Please share with us your experience to prepare for the new SCOR 350-701 exam, your materials, the way you learned, your recommendations… But please DO NOT share any information about the detail of the exam or your personal information, your score, exam date and location, your email…
Your posts are warmly welcome! Hope you will find useful information here!
Note: Currently there are no lab sims for this exam, only multiple choice and drag drop questions.
@Budong, @Woodkid: it can also be Answer B: NMAP is listed as Probe by Cisco: https://www.cisco.com/c/en/us/td/docs/security/ise/2-1/admin_guide/b_ise_admin_guide_21/b_ise_admin_guide_20_chapter_010100.html#concept_0DC76BAE68A14AC5960B8BDBCBA8083C
Q6:
Which Cisco command enables authentication, authorization, and accounting globally so
that CoA is supported on the device?
A. ip device-tracking
B. aaa server radius dynamic-author
C. aaa new-model
D. auth-type all
As described in the Cisco Documentation https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-sy/sec-usr-aaa-15-sy-book/sec-rad-coa.html#GUID-D996C01F-5F53-4B48-87E3-4820DB15C02A
the Answer is C. See Step3: aaa-new model: Enables authentication, authorization, and accounting (AAA) globally.
Thanks @Woodkid, could you please update the VCE file with the corrected answers?
Thanks a lot.
please any one tell me the correct answers for the below questions ??????????????????????????
QUESTION
1 Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering
2.
A. show authentication registrations
B. show authentication method
C. show dot1x all
D. show authentication sessions
3. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. user input validation in a web page or web application
B. Linux and Windows operating systems
C. database
D. web
4. What are the two most commonly used authentication factors in multifactor authentication? (Choose two.)
A. biometric factor
B. time factor
C. confidentiality factor
D. knowledge factor
E. encryption factorpage images
5. An engineer configured a new network identity in Cisco Umbrella but must verify that traffic is being routed
through the Cisco Umbrella network. Which action tests the routing?
A. Ensure that the client computers are pointing to the on-premises DNS servers.
B. Enable the Intelligent Proxy to validate that traffic is being routed correctly.
C. Add the public IP address that the client computers are behind to a Core Identity.
D. Browse to http://welcome.umbrella.com/ to validate that the new identity is working.
6. For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two.)
A. computer identity
B. Windows service
C. user identity
D. Windows firewall
E. default browser
7. The main function of northbound APIs in the SDN architecture is to enable communication between which two
areas of a network?
A. SDN controller and the cloud
B. management console and the SDN controller
C. management console and the cloud
D. SDN controller and the management solution
8. Which two features of Cisco Email Security can protect your organization against email threats?(choose two)
A. Time-based one-time passwords
B. Data loss prevention
C. Heuristic-based filtering
D. Geolocation-based filtering
E. NetFlow 9. What are two rootkit types? (Choose two)
A. bootloader
B. buffer mode
C. registry
D. virtual
E. user mode
10. Which two tasks allow NetFlow on a Cisco ASA 5500 Series firewall? (Choose two)
A. Define a NetFlow collector by using the flow-export command.
B. Enable NetFlow Version 9.
C. Create an ACL to allow UDP traffic on port 9996.
D. Create a class map to match interesting traffic.
E. Apply NetFlow Exporter to the outside interface in the inbound direction. 11. In which two ways does a system administrator send web traffic transparently to the Web Security Appliance? (Choose two)
A. reference a Proxy Auto Config file
B. configure policy-based routing on the network infrastructure
C. use Web Cache Communication Protocol
D. configure the proxy IP address in the web-browser settings
E. configure Active Directory Group Policies to push proxy settings
12. Which benefit is provided by ensuring that an endpoint is compliant with a posture policy configured in Cisco ISE?
A. It allows the endpoint to authenticate with 802.1x or MAB.
B. It allows CoA to be applied if the endpoint status is compliant.
C. It adds endpoints to identity groups dynamically.
D. It verifies that the endpoint has the latest Microsoft security patches installed.
13. Which Cisco command enables authentication, authorization, and accounting globally so that CoA is supported on the device?
A. aaa new-model
B. auth-type all
C. ip device-tracking
D. aaa server radius dynamic-author
14. An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of profiling to work?
A. DHCP
B. NMAP
C. NetFlow
D. SNMP
15. What provides visibility and awareness into what is currently occurring on the network?
A. Prime Infrastructure
B. Telemetry
C. CMX
D. WMI
Guys can you please share link to updated vce file with the corrected answers, thanks in advance!
pass today 932. All are in the dumps shared on this site
@micheale
1:B. impact flags
2:D. show authentication sessions
3:A. user input validation in a web page or web application
4:
B. time factor
D. knowledge factor
5:D. Browse to http://welcome.umbrella.com/ to validate that the new identity is working.
6:
B. Windows service
D. Windows firewall
7:D. SDN controller and the management solution
8:
B. Data loss prevention
C. Heuristic-based filtering
9:
E. user mode
A. bootloader
10:
A. Define a NetFlow collector by using the flow-export command.
E. Apply NetFlow Exporter to the outside interface in the inbound direction.
11:
B. configure policy-based routing on the network infrastructure
C. use Web Cache Communication Protocol
12:D. It verifies that the endpoint has the latest Microsoft security patches installed.
13:A. aaa new-model
14:A. DHCP
15:B. Telemetry
is 127q, 161q and new dump file all valid?
Can please anyone provide the link to the valid dump as I can not find it.
Please who has the link to the dumps? i will share my tut premium once purchased.
Anonymous……………….why do you jocking.you have to tell the truth for this community it is good for you
Hi Guys, Just passed the exam wit 9xx. I used @Neil dump (vce + pdf). All the questions were from @Neil’s dump. If you are planning to takethe exam, please do it fast before it change again.
SugarOverDrive……………..please can you post the questions i have schedule the exam for October 24 …….do you think it can change before october 24 ???????????????????
can someone please share @Neil dump or refer to the page where the link is
thank you
@micheale and @leda,
This is the link to Neil’s dump:
Remove the spaces:
mega . nz / file / FoEwWQDA#Ud791nII8C6lAUBtrRSEzCmqxybuiV_bMSVtxch6jo0
I believe Oct 24 is a good period of days to study this dump and pass.
i have purchased the premium. i hope it remains valid till i am due for the exam.
saltbae……………….please can you share the questions ……………..please please please
@SugarOverDrive thnaks and congratulations to you…@Neils dumps (160q) is enough for clear the exam ?
why does the file not open? anyway, i have coverted the prem questions to PDF and it gave me a total of 157 questions incl DD. i plan to take this exam in Oct
saltbae…please can you share to me the questions ……….
@Saltbae can you please share the 157 pdf questions, if you can provide the link thank you in advance!
@ Micheale and N3ptun3 do you have Neil’s dump? send to gema pinto @ yahoo .com and i will send you the prem dumps. don’t forget i paid 19usd for it, so i am not selfish. we all should pass and move forward
@Saltbae I just sent you the information you needed, I hope you can reply back and share the 157 pdf questions prem dumps, thank you in advance for your help!
saltbae
mega.nz/file/FoEwWQDA#Ud791nII8C6lAUBtrRSEzCmqxybuiV_bMSVtxch6jo0
this is neils dump link .. copy to your browser
N3ptun3……………..dont forget to share to me if you get please please
@Michaele sure i will, can you give me ur email add so i can share it to you as well…
Today Sept. 22, 2020 dumps are valid. Exam Pass. All quest. are from dump above. Good Luck!
@saltbae 157?
The September dump has 161q do you know what are missing?
@N3ptun3 thanks and i have sent you the prem dump.
saltbae………….PLEASE SEND TO ME THE PREM DUMP.
@Discontented I used 9tut prem during my ccna and it was exactly as in the real exam. both in numerical order. I came back to them because they are reliable. i have used testlord n pass4sure which were all rip offs.
micheale @N3ptun3 will send to you as he promised
micheale send me your email
who knows free VCE player link?
@saltbae please send me the premium dump. I’ve sent you my email. Thanks
Does anyone have the 700-765 valid dumps ?
Hey guys, could anyone response?
Which two request of REST API are valid on the Cisco ASA Platform? (Choose two)
A. push
B. options
C. connect
D. put
E. get
@micheale
These are HTTP request methods, the correct answer is:
Put and Get
Request Structure
Available request methods are:
GET – Retrieves data from the specified object.
PUT – Adds the supplied information to the specified object; returns a 404 Resource Not Found error if the object does not exist.
POST – Creates the object with the supplied information.
DELETE – Deletes the specified object.
PATCH – Applies partial modifications to the specified object.
discontented…………thanks alot …………..have you take the exam ???????please share a link for premium dump if you have
Yes, yesterday, passed 902.
3 new questions to from what were in the 161 dump. look for the dump in here by Neil, its a mega link. There’s a pdf and vce file.
I cant remember what the questions were, one was about priv level 15.
@saltbae @N3ptun3 @Larry @discontented or anyone please send me the dump at {email not allowed} as I can not open the mega link.
Thanks in advance.
My email is aziz1405950 @ miuegypt.edu.eg “without the space”
Hello everyone. Please, does anyone plan to take the exam next week based on Neil’s dump?
@adam yes i’m planning but waiting for more confirmation about his dumps.
i am also planning to take the exam ……………but I need more confirmation about the dump …………..
How many questions are in the exam? Passing score? Anyone who knows and has recent valid dumps plz answer
Hi,
where can I get the question from this website (in which section is the download link)
thanks
Passed today, 9xx Points, 102 Questions in the Exam, Same Questions as in the Dump from @Neils (with the Corrections from this Threat)
Congratulations Tom !!!!
Paased my exam today with 9XX marks. @neil and @woodkids dumps 100% valid (remember the corrections shared here as well). All the best guys!! :)
Dear all.. Does anyone here have Official Certification Guide for Ccie SCOR pdf.
I am planning to start preparing.. Please let me know
Marie can you please share the dumps with me?
Marie & Tom ,
congratulations guys, Did you mean the dump here with 161 Q or something else , please i plan to take it next week.
Marie & Tom……….are u sure …the 161 dump is valid ?????have you studied this dump and passed ?please please please tell me the fact information ….i have scheduled already to take the exam next week .
Marie & Tom……….are u sure …the 161 dump is valid ?????have you studied this dump and passed ?please please please tell me the fact information ….i have scheduled already to take the exam next week .
Anyone who gave exams recently? Is it valid the 161 dumps?
Passed today 923 all quesions from here and no new questions yet
Pete, Tom, Cyber, Micheale, CR7, yes the dumps of 161 Q with all corrections shared till now are valid. I studied from them only and cleared. All the best guys!!
Hello guys can anyone please share 161Q valid dumps it would be highly appreciated…
N3ptun3 and others– are you so lazy to find dumps on the forum? Stop asking stupid questions please.
Passed today 951. All the questions were from @Neil’s dump.
Congratulations Tihi!!!
Have you taken into consideration the corrections made by @Woodkid?
Tnx Adam.
Yes I have taken into consideration the correction made by @Woodkid but I still got 951.
Thank you Tihi
What are two rootkit types? (Choose two)
A. bootloader
B. buffer mode
C. registry
D. virtual
E. user mode
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
A. SSL
B. packet decoder
C. SIP
D. modbus
E. inline normalization
When using Cisco AMP for networks which feature copies a file to the Cisco AMP cloud for analysis?
A. Spero analysis
B. sandbox analysis
C. dynamic analisis
D. malware nalysis
What are two rootkit types? (Choose two)
A. bootloader
B. buffer mode
C. registry
D. virtual
E. user mode
AE
https://blog.emsisoft.com/en/29468/rootkits/
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
A. SSL
B. packet decoder
C. SIP
D. modbus
E. inline normalization
AC
When using Cisco AMP for networks which feature copies a file to the Cisco AMP cloud for analysis?
A. Spero analysis
B. sandbox analysis
C. dynamic analisis
D. malware nalysis
A
Hi guys, is there any group like this for ccna cyberops
Hi everyone , I finished study INE course, i am looking for taking exam , is the dump vce is valid and anyone did takes exam recently?
Hey, Is the september dump the most up to date comprehensive doc or is the premium doc different?
Hi, Is there a change in the exam since 24 Aug ?
Any last update? Someone who gave exams today?
Paased my exam today with 9XX marks. @neil and @woodkids dumps 100% valid (remember the corrections shared here as well). All the best guys!! :)
11…………….please are you sure …..i have planned to take the exam next week ……are the questions 161 dump
Passed exam today with 9XX . All questions were from @Neil dump .
Good luck everyone!!! and thank you @Neil
What is the difference between deceptive phishing and spear phishing?
A. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
B. A spear phishing campaign is aimed at a specific person versus a group of people.
C. Spear phishing is when the attack is aimed at the C-level executives of an organization.
D. Deceptive phishing is an attacked aimed at a specific user in the organization who holds a C-level role.
Hi guys,
I’m thinking about doing the exam from home, has anyone tried this mode, had difficulties?
tks
Keiller, I did the exam from home last month. Just make sure you have stable working internet and a room where you will have no disturbance.
Premium says the answer to this question is C not A
When using Cisco AMP for networks which feature copies a file to the Cisco AMP cloud for analysis?
A. Spero analysis
B. sandbox analysis
C. dynamic analisis
D. malware nalysis
Explanation
Spero analysis examines structural characteristics such as metadata and header information in executable files. After generating a Spero signature based on this information, if the file is an eligible executable file, the device submits it to the Spero heuristic engine in the AMP cloud. Based on the Spero signature, the Spero engine determines whether the file is malware.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html
-> Spero analysis only uploads the signature of the (executable) files to the AMP cloud. It does not upload the whole file. Dynamic analysis sends files to AMP ThreatGrid.
Dynamic Analysis submits (the whole) files to Cisco Threat Grid (formerly AMP Threat Grid). Cisco Threat Grid runs the file in a sandbox environment, analyzes the file’s behavior to determine whether the file is malicious, and returns a threat score that indicates the likelihood that a file contains malware. From the threat score, you can view a dynamic analysis summary report with the reasons for the assigned threat score. You can also look in Cisco Threat Grid to view detailed reports for files that your organization submitted, as well as scrubbed reports with limited data for files that your organization did not submit.
Local malware analysis allows a managed device to locally inspect executables, PDFs, office documents, and other types of files for the most common types of malware, using a detection rule set provided by the Cisco Talos Security Intelligence and Research Group (Talos). Because local analysis does not query the AMP cloud, and does not run the file, local malware analysis saves time and system resources. -> Malware analysis does not upload files to anywhere, it only checks the files locally.
There is no sandbox analysis feature, it is just a method of dynamic analysis that runs suspicious files in a virtual machine.
micheale… Yes nothing change, Take the exam asap and good luck.
@saltbae yes, U R right – dynamic analisis.
Thanks.
For which two conditions can an endpoint be checked using ISE posture assessment? (Choose two)
A. Windows service
B. computer identity
C. default browser
D. Windows firewall
E. user identity
Hi all,
Just one question, do you know how many questions the exam (SCOR 350-701) has?
@Regat :
A. Windows service
D. Windows firewall
Good luck
11……………thanks a lot i believe you and i will take the exam after 2 weeks
I know that you have to take two exams for the CCNP Security: Core and Concentration however, anyone know if there is a time limit that you must pass both exam to get certified? i.e. 1 year from passing either or 6 months, etc…
I’m planning taking the 350-701 and 300-735, then if time permits 350-901.
Hi,
exam passed with 9xx.
@neil and @woodkids dumps are 100% valid.
got 102 questions, took in consideration the corrected answers provided in the previous comments
want to know which concentration exam is the easiest
Thank you @neil and @woodkids
congrats @leda. how many DD did you get in the exam?
@leda “which concentration exam is the easiest”
Very good question, indeed. IMO hardest will be ISE and Firepower exams. I will go for WSA as the next one after SCOR, but I have access to production deployments of WSA.
Where can I find the valid dump?
@Azme on this forum – just look for links
Hi guys, what do you think about take the Cisco exam (350-701) from home?
Thank you.
Finally passed 9XX! Thanks to @neil and @woodkids dumps are 100% valid.
@N3ptun3 Congrats! Which one concentration exam next? Or straight to the CCIE Lab exam?
Thanks @hell…will be going for the CCIE Lab.
@N3ptun3, what sources are you using to prepare for the lab?
@Ben, I will still be sourcing out for resources in preparation for the lab exam.
wow! congrats N3ptun3. how would you rate the premium? is it also valid?
QUESTION 134
An engineer wants to automatically assign endpoints that have a specific OUI into a new endpoint group. Which probe must be enabled for this type of
profiling to work?
A. DHCP
B. NMAP
C. NetFlow
D. SNMP
Correct Answer: B
Id say it is A – DHCP as we have DHCP and Radius Probes with ISE. NMAP is no Probe”
The answer is B and is correct according to one of the Cisco Cert Guide Book author’s Katherine McNamara http://www.network-node.com/blog/2016/1/2/ise-20-profiling