Back to Cisco SCOR / CCNP Security Core 350-701 questions

Scenario-based practice

Drag and Drop Matching Questions

Practise Cisco SCOR / CCNP Security Core 350-701 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10
scenario questions
350-701
exam code
Cisco
vendor

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and Drop Matching Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related 350-701 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummatching
Full question →

Match each 802.1X component to its role.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Client requesting network access

Network device that enforces access control

RADIUS server that validates credentials

Extensible Authentication Protocol framework

Protocol used for AAA services

Question 2mediummatching
Full question →

Match each threat type to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Fraudulent emails to steal sensitive info

Malware that encrypts data for ransom

Distributed attack to overwhelm a service

Attacker intercepts communications

Attack on unknown vulnerability

Question 3mediummatching
Full question →

Match each protocol to its default port number.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

443

22

53

25

161

Question 4mediummatching
Full question →

Match each encryption algorithm to its type.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Symmetric block cipher

Asymmetric public-key algorithm

Hash function

Symmetric block cipher (legacy)

Key exchange algorithm

Question 5mediummatching
Full question →

Match each security technology to its primary function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Detect and block malicious traffic inline

Monitor and alert on suspicious activity

Control access based on rules

Protect web applications from attacks

Encrypt traffic over public networks

Question 6mediummatching
Full question →

Match each Cisco ASA feature to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Modular Policy Framework for traffic inspection

High availability with active/standby or active/active

Graphical management interface

Command-line interface for configuration

VPN client for remote access

Question 7mediummatching
Full question →

Match each Cisco security product to its category.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Next-Generation Firewall

Cloud-Delivered Security

Advanced Malware Protection

Identity Services Engine

Network Visibility and Detection

Question 8mediummatching
Full question →

Match each Cisco security solution to its primary use case.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Next-generation firewall and IPS

DNS-layer security and web filtering

Endpoint threat detection and response

Network access control and policy enforcement

Network traffic analysis and anomaly detection

Question 9mediummatching
Read the full VPN explanation →

Match each VPN type to its characteristic.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Connects entire networks over the internet

Allows individual users to connect securely

Uses web browser for clientless access

Provides encrypted tunnels using IPsec

Dynamic multipoint VPN for hub-and-spoke topologies

Question 10mediummatching
Full question →

Match each Cisco security command to its function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Display IKE security associations

Display configured access control lists

Display firewall configuration and statistics

Enable IP packet debugging

Save running configuration to startup

These 350-701 practice questions are part of Courseiva's free Cisco certification practice question bank. Courseiva provides original exam-style 350-701 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.