exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam

Exam 350-701 topic 1 question 101 discussion

Actual exam question from Cisco's 350-701
Question #: 101
Topic #: 1
[All 350-701 Questions]

What can be integrated with Cisco Threat Intelligence Director to provide information about security threats, which allows the SOC to proactively automate responses to those threats?

  • A. Cisco Umbrella
  • B. External Threat Feeds
  • C. Cisco Threat Grid
  • D. Cisco Stealthwatch
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
CiscoTech
Highly Voted 4 years, 2 months ago
I think the answer is B. https://www.cisco.com/c/en/us/support/docs/storage-networking/security/214859-configure-and-troubleshoot-cisco-threat.html
upvoted 18 times
...
user636
Highly Voted 3 years, 8 months ago
The answer is B, there no possibility to integrate ThreatGrid with TID at all. You could check the administration guide of TID.
upvoted 5 times
...
Marshpillowz
Most Recent 5 months, 1 week ago
Selected Answer: B
B is correct
upvoted 1 times
...
brownbear505
2 years, 6 months ago
Selected Answer: B
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/cisco_threat_intelligence_director__tid_.html
upvoted 5 times
...
Sun2sun
2 years, 7 months ago
Selected Answer: B
should be B
upvoted 2 times
...
pr0fectus
2 years, 8 months ago
TID is used to leverage external threat feeds. ThreatGrid is already integrated with the AMP capability of FTD.
upvoted 2 times
...
MoII
2 years, 10 months ago
Answer should be B https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKDEV-2456.pdf Page 28 Cisco Threat Intelligence Director (TID) Step 1 Ingest third-party Cyber Threat Intelligence (CTI) Step 2 Publish observables to sensors Step 3 Detect and alert on incidents
upvoted 4 times
...
MoII
2 years, 10 months ago
Answer should be B https://blogs.cisco.com/developer/automate-threat-intelligence-using-cisco-threat-intelligence-director
upvoted 4 times
...
zeroC00L
2 years, 11 months ago
i would go with B here. Because the TID is used if you want to use external (not cisco provided) Security Information / Observables, in addition to what you get from cisco -> "The Cisco Threat Intelligence Director (TID) operationalizes threat intelligence data, helping you aggregate intelligence data, configure defensive actions, and analyze threats in your environment. This feature is intended to supplement other Firepower functionality, offering an additional line of defense against threats" https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/cisco_threat_intelligence_director__tid_.html and for AMP you dont need the TID. AMP(for Networks) comes with its own configuration o the FMC for example where you can define the cloud you want to use etc.
upvoted 2 times
...
Sarbi
3 years ago
It looks to me C.As it the cisco exam.Cisco treat grid
upvoted 2 times
andrewj511
3 years ago
"Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware."
upvoted 2 times
...
...
Raajaa
3 years, 2 months ago
B sounds correct to me
upvoted 2 times
...
Kris92
3 years, 6 months ago
I went with C at first, but B makes more sense. External threat feed is a option on ESA, but I don't see any example of using TID. TID is usually added to FP in intelligence sources.
upvoted 1 times
...
JAckThePip
3 years, 9 months ago
The answer is B: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_0110001.html
upvoted 2 times
...
myccnptest
3 years, 9 months ago
Looks like it might be "B" https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/cisco_threat_intelligence_director__tid_.html Feature introduced: Lets you use threat intelligence from external sources to identify and process threats.
upvoted 4 times
...
avl83
4 years, 1 month ago
the answer is C. More information take a look in, chapter 11, page 654, book "ccnp and ccie security Core"
upvoted 2 times
essie007
3 years, 11 months ago
The question is about the TID, not CTR. Correct answer is BB
upvoted 6 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago