ExamGecko
Search Search Login
Home Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)
What is the difference between inline and inline tap on Cisco Firepower?
A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?
What is a result of enabling Cisco FTD clustering?
An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?
A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?
An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?
Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Question 1

Report
Export
Collapse

What is a result of enabling Cisco FTD clustering?

A.

For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.

A.

For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.

Answers
B.

Integrated Routing and Bridging is supported on the master unit.

B.

Integrated Routing and Bridging is supported on the master unit.

Answers
C.

Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.

C.

Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.

Answers
D.

All Firepower appliances can support Cisco FTD clustering.

D.

All Firepower appliances can support Cisco FTD clustering.

Answers
Suggested answer: C

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/clustering_for_the_firepower_threat_defense.html

Question 2

Report
Export
Collapse

Which two conditions are necessary for high availability to function between two Cisco FTD devices?

(Choose two.)

A.

The units must be the same version

A.

The units must be the same version

Answers
B.

Both devices can be part of a different group that must be in the same domain when configured within the FMC.

B.

Both devices can be part of a different group that must be in the same domain when configured within the FMC.

Answers
C.

The units must be different models if they are part of the same series.

C.

The units must be different models if they are part of the same series.

Answers
D.

The units must be configured only for firewall routed mode.

D.

The units must be configured only for firewall routed mode.

Answers
E.

The units must be the same model.

E.

The units must be the same model.

Answers
Suggested answer: A, E

Explanation:

Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-managementcenter/212699- configure-ftd-high-availability-on-firep.html

Question 3

Report
Export
Collapse

On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

A.

transparent inline mode

A.

transparent inline mode

Answers
B.

TAP mode

B.

TAP mode

Answers
C.

strict TCP enforcement

C.

strict TCP enforcement

Answers
D.

propagate link state

D.

propagate link state

Answers
Suggested answer: D

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

Question 4

Report
Export
Collapse

What are the minimum requirements to deploy a managed device inline?

A.

inline interfaces, security zones, MTU, and mode

A.

inline interfaces, security zones, MTU, and mode

Answers
B.

passive interface, MTU, and mode

B.

passive interface, MTU, and mode

Answers
C.

inline interfaces, MTU, and mode

C.

inline interfaces, MTU, and mode

Answers
D.

passive interface, security zone, MTU, and mode

D.

passive interface, security zone, MTU, and mode

Answers
Suggested answer: C

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-configguide-v65/ips_device_deployments_and_configuration.html

Question 5

Report
Export
Collapse

What is the difference between inline and inline tap on Cisco Firepower?

A.

Inline tap mode can send a copy of the traffic to another device.

A.

Inline tap mode can send a copy of the traffic to another device.

Answers
B.

Inline tap mode does full packet capture.

B.

Inline tap mode does full packet capture.

Answers
C.

Inline mode cannot do SSL decryption.

C.

Inline mode cannot do SSL decryption.

Answers
D.

Inline mode can drop malicious traffic.

D.

Inline mode can drop malicious traffic.

Answers
Suggested answer: A

Question 6

Report
Export
Collapse

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

A.

inline set

A.

inline set

Answers
B.

passive

B.

passive

Answers
C.

routed

C.

routed

Answers
D.

inline tap

D.

inline tap

Answers
Suggested answer: B

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/interface_overview_for_firepower_threat_defense.html

Question 7

Report
Export
Collapse

Which two deployment types support high availability? (Choose two.)

A.

transparent

A.

transparent

Answers
B.

routed

B.

routed

Answers
C.

clustered

C.

clustered

Answers
D.

intra-chassis multi-instance

D.

intra-chassis multi-instance

Answers
E.

virtual appliance in public cloud

E.

virtual appliance in public cloud

Answers
Suggested answer: A, B

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-configguide-v61/firepower_threat_defense_high_availability.html

Question 8

Report
Export
Collapse

Which protocol establishes network redundancy in a switched Firepower device deployment?

A.

STP

A.

STP

Answers
B.

HSRP

B.

HSRP

Answers
C.

GLBP

C.

GLBP

Answers
D.

VRRP

D.

VRRP

Answers
Suggested answer: A

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/firepower_threat_defense_high_availability.html

Question 9

Report
Export
Collapse

Which interface type allows packets to be dropped?

A.

passive

A.

passive

Answers
B.

inline

B.

inline

Answers
C.

ERSPAN

C.

ERSPAN

Answers
D.

TAP

D.

TAP

Answers
Suggested answer: B

Explanation:

Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower- threat-defense-int.html

Question 10

Report
Export
Collapse

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

A.

Redundant Interface

A.

Redundant Interface

Answers
B.

EtherChannel

B.

EtherChannel

Answers
C.

Speed

C.

Speed

Answers
D.

Media Type

D.

Media Type

Answers
E.

Duplex

E.

Duplex

Answers
Suggested answer: C, E

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm- interfaces.html

Total 326 questions
Go to page: of 33
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms