ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam
Go to Exam

Exam 350-701 topic 1 question 619 discussion

Actual exam question from Cisco's 350-701
Question #: 619
Topic #: 1
[All 350-701 Questions]

Which two global commands must the network administrator implement to limit the attack surface of an internet-facing Cisco router? (Choose two.)

  • A. service tcp-keepalives-in
  • B. no service password-recovery
  • C. no cdp run
  • D. no ip http server
  • E. ip ssh version 2
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by devildog at Aug. 15, 2024, 8:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
madboy2
1 month, 2 weeks ago
Selected Answer: CD
CDP (Cisco Discovery Protocol) exposes device information (e.g., IP addresses, model, OS version) to potential attackers. The HTTP server allows web-based management, which is a security risk if left open to the internet. Therefore C and D should be correct
upvoted 1 times
...
Pierre_Bouvier
3 months, 1 week ago
Selected Answer: CD
ip ssh version 2: Configures SSH version 2 for secure remote management. While it improves security, it does not directly reduce the attack surface.
upvoted 1 times
...
Surfside92
6 months, 1 week ago
Selected Answer: CD
ssh ver 2 is more secure - but you're not limiting the remote access attack surface by using it over version 1
upvoted 1 times
...
Premium_Pils
8 months ago
C - no Ip http server to disable unused services. D - ip ssh version 2 for enhanced security features.
upvoted 1 times
...
klu16
8 months, 2 weeks ago
Selected Answer: CD
I will go with C and D. "ip ssh version 2" ensures that SSH version 2 is used, but that does not limit the attack surface, though.
upvoted 1 times
...
devildog
8 months, 3 weeks ago
I could be wrong, but I'm thinking C. and D.
upvoted 1 times
[Removed]
8 months, 3 weeks ago
I think that CDP only affect invernal no internet connections
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago