Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers, Page 15

Question list

List of questions

Question 141

(0)

An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration takes must be performed to achieve this file lookup? (Choo

Question 142

(0)

Which CLI command is used to control special handling of clientHello messages?

Question 143

(0)

An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin BACKUP_Cisc394602314.zip on a

Question 144

(0)

An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a copy of the original

Question 145

(0)

A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?

Question 146

(0)

An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity. When traffic is received by the Cisco IRS, if it is not dropped, how does the traffic get to

Question 147

(0)

A network administrator is concerned about (he high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address this concern?

Question 148

(0)

An engineer is investigating connectivity problems on Cisco Firepower that is using service group tags. Specific devices are not being tagged correctly, which is preventing clients from using the pr

Question 149

(0)

A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that traffic is reaching

Question 150

(0)

An organization must be able to ingest NetFlow traffic from their Cisco FTD device to Cisco Stealthwatch for behavioral analysis. What must be configured on the Cisco FTD to meet this requirement?

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

What is the difference between inline and inline tap on Cisco Firepower?

What is a result of enabling Cisco FTD clustering?

A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?

A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?

An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

Question 141

An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration takes must be performed to achieve this file lookup?

(Choose two.)

The Cisco FMC needs to include a SSL decryption policy.

The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.

The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.

The Cisco FMC needs to connect with the FireAMP Cloud.

The Cisco FMC needs to include a file inspection policy for malware lookup.

Show Answer Comment (0)

Question 142

Which CLI command is used to control special handling of clientHello messages?

system support ssl-client-hello-tuning

system support ssl-client-hello-display

system support ssl-client-hello-force-reset

system support ssl-client-hello-reset

Show Answer Comment (0)

An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin BACKUP_Cisc394602314.zip on a Cisco FMG. After connecting to the repository, an error occurred that prevents the FTD device from accepting the backup file. What is the problem?

The backup file is not in .cfg format.

The backup file is too large for the Cisco FTD device

The backup file extension was changed from tar to zip

The backup file was not enabled prior to being applied

Show Answer Comment (0)

Question 144

An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a copy of the original corporate policy is available if the primary Cisco FMC fails?

Restore the primary Cisco FMC backup configuration to the secondary Cisco FMC device when the primary device fails.

Configure high-availability in both the primary and secondary Cisco FMCs.

Connect the primary and secondary Cisco FMC devices with Category 6 cables of not more than 10 meters in length.

Place the active Cisco FMC device on the same trusted management network as the standby device.

Show Answer Comment (0)

Question 145

A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?

Add the hash to the simple custom deletion list.

Use regular expressions to block the malicious file.

Enable a personal firewall in the infected endpoint.

Add the hash from the infected endpoint to the network block list.

Show Answer Comment (0)

Question 146

An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity.

When traffic is received by the Cisco IRS, if it is not dropped, how does the traffic get to its destination?

It is retransmitted from the Cisco IPS inline set.

The packets are duplicated and a copy is sent to the destination.

It is transmitted out of the Cisco IPS outside interface.

It is routed back to the Cisco ASA interfaces for transmission.

Show Answer Comment (0)

Question 147

A network administrator is concerned about (he high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address this concern?

Create an intrusion policy and set the access control policy to block.

Create an intrusion policy and set the access control policy to allow.

Create a file policy and set the access control policy to allow.

Create a file policy and set the access control policy to block.

Show Answer Comment (0)

Question 148

An engineer is investigating connectivity problems on Cisco Firepower that is using service group tags. Specific devices are not being tagged correctly, which is preventing clients from using the proper policies when going through the firewall How is this issue resolved?

Use traceroute with advanced options.

Use Wireshark with an IP subnet filter.

Use a packet capture with match criteria.

Use a packet sniffer with correct filtering

Show Answer Comment (0)

Question 149

A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that traffic is reaching the server, but the client is not getting a response Which step must be taken to resolve this issue without initiating traffic from the client?

Use packet-tracer to ensure that traffic is not being blocked by an access list.

Use packet capture to ensure that traffic is not being blocked by an access list.

Use packet capture to validate that the packet passes through the firewall and is NATed to the corrected IP address.

Use packet-tracer to validate that the packet passes through the firewall and is NATed to the corrected IP address.

Show Answer Comment (0)

Question 150

An organization must be able to ingest NetFlow traffic from their Cisco FTD device to Cisco Stealthwatch for behavioral analysis. What must be configured on the Cisco FTD to meet this requirement?

flexconfig object for NetFlow

interface object to export NetFlow

security intelligence object for NetFlow

variable set object for NetFlow

Show Answer Comment (0)

Total 326 questions

13 14 15 16 17

Go to page: of 33