ExamGecko
Search Search Login
Home Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)
What is the difference between inline and inline tap on Cisco Firepower?
What is a result of enabling Cisco FTD clustering?
A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?
An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?
A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?
An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

Question 131

Report
Export
Collapse

IT management is asking the network engineer to provide high-level summary statistics of the Cisco FTD appliance in the network. The business is approaching a peak season so the need to maintain business uptime is high. Which report type should be used to gather this information?

A.

Malware Report

A.

Malware Report

Answers
B.

Standard Report

B.

Standard Report

Answers
C.

SNMP Report

C.

SNMP Report

Answers
D.

Risk Report

D.

Risk Report

Answers
Suggested answer: B

Question 132

Report
Export
Collapse

What is a feature of Cisco AMP private cloud?

A.

It supports anonymized retrieval of threat intelligence

A.

It supports anonymized retrieval of threat intelligence

Answers
B.

It supports security intelligence filtering.

B.

It supports security intelligence filtering.

Answers
C.

It disables direct connections to the public cloud.

C.

It disables direct connections to the public cloud.

Answers
D.

It performs dynamic analysis

D.

It performs dynamic analysis

Answers
Suggested answer: C

Question 133

Report
Export
Collapse

A mid-sized company is experiencing higher network bandwidth utilization due to a recent acquisition The network operations team is asked to scale up their one Cisco FTD appliance deployment to higher capacities due to the increased network bandwidth. Which design option should be used to accomplish this goal?

A.

Deploy multiple Cisco FTD appliances in firewall clustering mode to increase performance.

A.

Deploy multiple Cisco FTD appliances in firewall clustering mode to increase performance.

Answers
B.

Deploy multiple Cisco FTD appliances using VPN load-balancing to scale performance.

B.

Deploy multiple Cisco FTD appliances using VPN load-balancing to scale performance.

Answers
C.

Deploy multiple Cisco FTD HA pairs to increase performance

C.

Deploy multiple Cisco FTD HA pairs to increase performance

Answers
D.

Deploy multiple Cisco FTD HA pairs in clustering mode to increase performance

D.

Deploy multiple Cisco FTD HA pairs in clustering mode to increase performance

Answers
Suggested answer: A

Question 134

Report
Export
Collapse

An organization has seen a lot of traffic congestion on their links going out to the internet There is a Cisco Firepower device that processes all of the traffic going to the internet prior to leaving the enterprise. How is the congestion alleviated so that legitimate business traffic reaches the destination?

A.

Create a flexconfig policy to use WCCP for application aware bandwidth limiting

A.

Create a flexconfig policy to use WCCP for application aware bandwidth limiting

Answers
B.

Create a VPN policy so that direct tunnels are established to the business applications

B.

Create a VPN policy so that direct tunnels are established to the business applications

Answers
C.

Create a NAT policy so that the Cisco Firepower device does not have to translate as many addresses

C.

Create a NAT policy so that the Cisco Firepower device does not have to translate as many addresses

Answers
D.

Create a QoS policy rate-limiting high bandwidth applications

D.

Create a QoS policy rate-limiting high bandwidth applications

Answers
Suggested answer: D

Question 135

Report
Export
Collapse

An engineer is troubleshooting a device that cannot connect to a web server. The connection is initiated from the Cisco FTD inside interface and attempting to reach 10.0.1.100 over the nonstandard port of 9443 The host the engineer is attempting the connection from is at the IP address of 10.20.10.20. In order to determine what is happening to the packets on the network, the engineer decides to use the FTD packet capture tool Which capture configuration should be used to gather the information needed to troubleshoot this issue?

A.


A.


Answers
B.


B.


Answers
C.


C.


Answers
D.


D.


Answers
Suggested answer: B

Question 136

Report
Export
Collapse

With a recent summer time change, system logs are showing activity that occurred to be an hour behind real time Which action should be taken to resolve this issue?

A.

Manually adjust the time to the correct hour on all managed devices

A.

Manually adjust the time to the correct hour on all managed devices

Answers
B.

Configure the system clock settings to use NTP with Daylight Savings checked

B.

Configure the system clock settings to use NTP with Daylight Savings checked

Answers
C.

Manually adjust the time to the correct hour on the Cisco FMC.

C.

Manually adjust the time to the correct hour on the Cisco FMC.

Answers
D.

Configure the system clock settings to use NTP

D.

Configure the system clock settings to use NTP

Answers
Suggested answer: B

Question 137

Report
Export
Collapse

What is a characteristic of bridge groups on a Cisco FTD?

A.

In routed firewall mode, routing between bridge groups must pass through a routed interface.

A.

In routed firewall mode, routing between bridge groups must pass through a routed interface.

Answers
B.

In routed firewall mode, routing between bridge groups is supported.

B.

In routed firewall mode, routing between bridge groups is supported.

Answers
C.

In transparent firewall mode, routing between bridge groups is supported

C.

In transparent firewall mode, routing between bridge groups is supported

Answers
D.

Routing between bridge groups is achieved only with a router-on-a-stick configuration on a connected router

D.

Routing between bridge groups is achieved only with a router-on-a-stick configuration on a connected router

Answers
Suggested answer: B

Question 138

Report
Export
Collapse

An engineer is attempting to create a new dashboard within the Cisco FMC to have a single view with widgets from many of the other dashboards. The goal is to have a mixture of threat and security related widgets along with Cisco

Firepower device health information. Which two widgets must be configured to provide this information? (Choose two).

A.

Intrusion Events

A.

Intrusion Events

Answers
B.

Correlation Information

B.

Correlation Information

Answers
C.

Appliance Status

C.

Appliance Status

Answers
D.

Current Sessions

D.

Current Sessions

Answers
E.

Network Compliance

E.

Network Compliance

Answers
Suggested answer: A, E

Question 139

Report
Export
Collapse

An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this file lookup?

(Choose two).

A.

The Cisco FMC needs to include a SSL decryption policy.

A.

The Cisco FMC needs to include a SSL decryption policy.

Answers
B.

The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.

B.

The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.

Answers
C.

The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.

C.

The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.

Answers
D.

The Cisco FMC needs to connect with the FireAMP Cloud.

D.

The Cisco FMC needs to connect with the FireAMP Cloud.

Answers
E.

The Cisco FMC needs to include a file inspection policy for malware lookup.

E.

The Cisco FMC needs to include a file inspection policy for malware lookup.

Answers
Suggested answer: B, E

Question 140

Report
Export
Collapse

An engineer configures an access control rule that deploys file policy configurations to security zones or tunnel zones, and it causes the device to restart. What is the reason for the restart?

A.

Source or destination security zones in the access control rule matches the security zones that are associated with interfaces on the target devices.

A.

Source or destination security zones in the access control rule matches the security zones that are associated with interfaces on the target devices.

Answers
B.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the destination policy.

B.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the destination policy.

Answers
C.

Source or destination security zones in the source tunnel zone do not match the security zones that are associated with interfaces on the target devices.

C.

Source or destination security zones in the source tunnel zone do not match the security zones that are associated with interfaces on the target devices.

Answers
D.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the source policy.

D.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the source policy.

Answers
Suggested answer: A
Total 326 questions
Go to page: of 33
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms