Cisco 300-710 Practice Test - Questions Answers, Page 11
Question list
List of questions
Related questions
While configuring FTD, a network engineer wants to ensure that traffic passing through the appliance does not require routing or Vlan rewriting. Which interface mode should the engineer implement to accomplish this task?
passive
transparent
Inline tap
Inline set
The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events. Which action should be configured to accomplish this task?
generate events
drop packet
drop connection
drop and generate
An engineer is configuring a cisco FTD appliance in IPS-only mode and needs to utilize fail-to-wire interfaces. Which interface mode should be used to meet these requirements?
transparent
routed
passive
inline set
Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC (Choose two).
Before re-adding the device In Cisco FMC, the manager must be added back.
The Cisco FMC web interface prompts users to re-apply access control policies.
Once a device has been deleted, It must be reconfigured before it is re-added to the Cisco FMC.
An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the polices after registration is completed.
There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.
Refer to the exhibit.
An administrator is looking at some of the reporting capabilities for Cisco Firepower and noticed this section of the Network Risk report showing a lot of SSL activity that cloud be used for evasion. Which action will mitigate this risk?
Use SSL decryption to analyze the packets.
Use encrypted traffic analytics to detect attacks
Use Cisco AMP for Endpoints to block all SSL connection
Use Cisco Tetration to track SSL connections to servers.
An engineer is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of ACME001 and a password of Cisco388267669. Which command set must be used in order to accomplish this?
configure manager add ACME001 <registration key> <FMC IP>
configure manager add <FMC IP> ACME0O1 <registration key>
configure manager add DONTRESOLVE <FMC IP> AMCE001 <registration key>
configure manager add <FMC IP> registration key> ACME001
A user within an organization opened a malicious file on a workstation which in turn caused a ransomware attack on the network. What should be configured within the Cisco FMC to ensure the file is tested for viruses on a sandbox system?
Capacity handling
Local malware analysis
Spere analysis
Dynamic analysis
Refer to the exhibit.
What must be done to fix access to this website while preventing the same communication to all other websites?
Create an intrusion policy rule to have Snort allow port 80 to only 172.1.1 50.
Create an access control policy rule to allow port 80 to only 172.1.1 50.
Create an intrusion policy rule to have Snort allow port 443 to only 172.1.1.50
Create an access control policy rule to allow port 443 to only 172.1.1 50
A network administrator is seeing an unknown verdict for a file detected by Cisco FTD. Which malware policy configuration option must be selected in order to further analyse the file in the Talos cloud?
Spero analysis
Malware analysis
Dynamic analysis
Sandbox analysis
Administrator is configuring SNORT inspection policies and is seeing failed deployment messages in Cisco FMC . What information should the administrator generate for Cisco TAC to help troubleshoot?
A Troubleshoot" file for the device in question.
A "show tech" file for the device in question
A "show tech" for the Cisco FMC.
A "troubleshoot" file for the Cisco FMC
Question