Free Cisco 300-740 Practice Questions 2026 | Designing and Implementing Secure Cloud Access for Users and Endpoints (SCAZT)

Refer to the exhibit. An engineer must create a segmentation policy in Cisco Secure Workload to block HTTP traffic. The indicated configuration was applied; however, HTTP traffic is still allowed. What should be done to meet the requirement?

A. Change consumer_filter_ref to HTTP Consumer.

B. Add HTTP to 14_params.

C. Decrease the priority of the template to 50.

D. Increase the priority of the template to 200.

What helps prevent drive-by compromise?

A. Ad blockers

B. VPN

C. Incognito browsing

D. Browsing known websites

A security analyst detects an employee endpoint making connections to a malicious IP on the internet and downloaded a file named Test0511127691C.pdf. The analyst discovers the machine is infected by trojan malware. What must the analyst do to mitigate the threat using Cisco Secure Endpoint?

A. Identify the malicious IPs and place them in a blocked list

B. Create an IP Block list and add the IP address of the affected endpoint

C. Enable scheduled scans to detect and block the executable files

D. Start isolation of the machine on the Computers tab

Refer to the exhibit. An engineer must analyze a segmentation policy in Cisco Secure Workload. What is the result of applying the policy?

A. The default catch-all rule is applied by using Rule #3.

B. HR cannot use Telnet to connect to IT by using Rule #2.

C. HR can use Telnet to connect to IT by using Rule #1.

D. The explicit deny all rule is applied.

Refer to the exhibit. A security engineer deployed Cisco Secure XDR, and during testing, the log entry shows a security incident. Which action must the engineer take first?

A. Uninstall the malware.

B. Block IP address 10.77.17.45.

C. Isolate the endpoint.

D. Rebuild the endpoint.

An administrator must deploy an endpoint posture policy for all users. The organization wants to have all endpoints checked against antimalware definitions and operating system updates and ensure that the correct Secure Client modules are installed properly. How must the administrator meet the requirements?

A. Configure the WLC to provide local posture services, and configure Cisco ISE to receive the compliance verification from the WLC to be used in an authorization policy.

B. Create an ASA Firewall posture policy, upload the Secure Client images to the NAD, and create a local client provisioning portal.

C. Create the required posture policy within Cisco ISE, configure redirection on the NAD, and ensure that the client provisioning policy is correct.

D. Identify the antimalware being used, create an endpoint script to ensure that it is updated, and send the update log to Cisco ISE for processing.

An engineer configures trusted endpoints with Active Directory with Device Health to determine if an endpoint complies with the policy posture. After a week, an alert is received by one user, reporting problems accessing an application. When the engineer verifies the authentication report, this error is found:

"Endpoint is not trusted because Cisco Secure Endpoint check failed, Check user's endpoint in Cisco Secure Endpoint."

Which action must the engineer take to permit access to the application again?

A. Verify the Cisco Secure Endpoint admin panel and approve the access to the user on the Management tab after a complete virus check of the user's laptop.

B. Verify the Trusted Endpoints policy to verify the status of the machine, and after a complete process of analysis, permit the machine to have access to the application.

C. Verify the Duo admin panel, check the EndPoints tab, verify the status of the machine,and after a complete process of analysis, mark the computer as Resolved to permit the user to authenticate again.

D. Verify the Cisco Secure Endpoint admin panel, check the Inbox tab, verify the status of the machine, and after a complete process of analysis, mark the computer as Resolved to permit the user to authenticate again.

According to Cisco Security Reference Architecture, which solution provides threat intelligence and malware analytics?

A. Cisco pxGrid

B. Cisco XDR

C. Cisco Talos

D. Cisco Umbrella

Refer to the exhibit. An engineer configured a default segmentation policy in Cisco Secure Workload to block SMTP traffic. During testing, it is observed that the SMTP traffic is still allowed. Which action must the engineer take to complete the configuration?

A. Add "port": [25, 25] to _rootScope

B. Add _SMTPScope to provider_filter_ref

C. Add "port": [25, 25] to _params

D. Change consumer_filter_ref to: _SMTPScope

Which attack mitigation must be in place to prevent an attacker from authenticating to a service using a brute force attack?

A. Forced password change every 6 months

B. Use of a 100 ms delay between each authentication

C. Use of a password manager

D. Use of multifactor authentication for all accounts