Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← 350-701 Practice Hub

350-701 • Practice Test 28

350-701 Practice Test 28 — 15 Questions

Free 350-701 practice test — 15 questions with explanations. Set 28. No signup required.

15
Questions
Free
No signup
Certifications/350-701/Practice Test/Set 28
Question 1 of 150 answered
hard

A large enterprise with over 2,000 employees recently experienced a security breach. An attacker gained initial access through a phishing email and then moved laterally across the network to reach a critical database server. The network currently has a flat Layer 2 topology with all devices in a single large VLAN. The company wants to prevent lateral movement in the future while maintaining operational simplicity. They have a Cisco ISE deployment already but it is only used for wireless guest access. The security team is evaluating options. Option A: Deploy 802.1X with dynamic VLAN assignment across all wired ports. This would authenticate users and assign them to different VLANs based on identity. Option B: Implement micro-segmentation using Cisco TrustSec with Security Group Tags (SGTs) on the existing switches and enforce SGT-based policies on the firewalls. This would allow traffic control between groups regardless of IP. Option C: Install a next-generation firewall at the internet edge and enable IPS to block known attack signatures. Option D: Upgrade all access switches to support Private VLANs (PVLANs) and configure promiscuous ports for servers. Which solution BEST addresses the lateral movement problem while leveraging existing infrastructure?

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

350-701 Practice Test 1 — 10 Questions→350-701 Practice Test 2 — 10 Questions→350-701 Practice Test 3 — 10 Questions→350-701 Practice Test 4 — 10 Questions→350-701 Practice Test 5 — 10 Questions→350-701 Practice Exam 1 — 20 Questions→350-701 Practice Exam 2 — 20 Questions→350-701 Practice Exam 3 — 20 Questions→350-701 Practice Exam 4 — 20 Questions→Free 350-701 Practice Test 1 — 30 Questions→Free 350-701 Practice Test 2 — 30 Questions→Free 350-701 Practice Test 3 — 30 Questions→350-701 Practice Questions 1 — 50 Questions→350-701 Practice Questions 2 — 50 Questions→350-701 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Endpoint Protection and DetectionSecure Network Access, Visibility and EnforcementSecurity ConceptsNetwork SecurityCloud SecurityContent Security

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

350-701 Practice HubEndpoint Protection and DetectionSecure Network Access, Visibility and EnforcementSecurity ConceptsNetwork Security