Cisco 300-710 Practice Test - Questions Answers, Page 13
Question list
List of questions
Related questions
An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?
Use a dedicated IPS inline set for each department to maintain traffic separation
Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation
Use passive IDS ports for both departments
Use one pair of inline set in TAP mode for both departments
Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?
mobility
plus
base
apex
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?
ERSPAN
IPS-only
firewall
tap
An organization is setting up two new Cisco FTD devices to replace their current firewalls and cannot have any network downtime During the setup process, the synchronization between the two devices is failing What action is needed to resolve this issue?
Confirm that both devices have the same port-channel numbering
Confirm that both devices are running the same software version
Confirm that both devices are configured with the same types of interfaces
Confirm that both devices have the same flash memory sizes
A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detection Which action should be taken to accomplish this goal?
Enable Threat Intelligence Director using STIX and TAXII
Enable Rapid Threat Containment using REST APIs
Enable Threat Intelligence Director using REST APIs
Enable Rapid Threat Containment using STIX and TAXII
A Cisco FTD device is running in transparent firewall mode with a VTEP bridge group member ingress interface What must be considered by an engineer tasked with specifying a destination MAC address for a packet trace?
The destination MAC address is optional if a VLAN ID value is entered
Only the UDP packet type is supported
The output format option for the packet logs unavailable
The VLAN ID and destination MAC address are optional
An organization has a compliancy requirement to protect servers from clients, however, the clients and servers all reside on the same Layer 3 network Without readdressing IP subnets for clients or servers, how is segmentation achieved?
Deploy a firewall in transparent mode between the clients and servers.
Change the IP addresses of the clients, while remaining on the same subnet.
Deploy a firewall in routed mode between the clients and servers
Change the IP addresses of the servers, while remaining on the same subnet
A network administrator notices that SI events are not being updated The Cisco FTD device is unable to load all of the SI event entries and traffic is not being blocked as expected. What must be done to correct this issue?
Restart the affected devices in order to reset the configurations
Manually update the SI event entries to that the appropriate traffic is blocked
Replace the affected devices with devices that provide more memory
Redeploy configurations to affected devices so that additional memory is allocated to the SI module
A hospital network needs to upgrade their Cisco FMC managed devices and needs to ensure that a disaster recovery process is in place. What must be done in order to minimize downtime on the network?
Configure a second circuit to an ISP for added redundancy
Keep a copy of the current configuration to use as backup
Configure the Cisco FMCs for failover
Configure the Cisco FMC managed devices for clustering.
In a multi-tennent deployment where multiple domains are in use. which update should be applied outside of the Global Domain?
minor upgrade
local import of intrusion rules
Cisco Geolocation Database
local import of major upgrade
Question