Cisco 300-710 Practice Test - Questions Answers, Page 16
Question list
List of questions
Related questions
An engineer must build redundancy into the network and traffic must continuously flow if a redundant switch in front of the firewall goes down. What must be configured to accomplish this task?
redundant interfaces on the firewall cluster mode and switches
redundant interfaces on the firewall noncluster mode and switches
vPC on the switches to the interface mode on the firewall duster
vPC on the switches to the span EtherChannel on the firewall cluster
What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?
All types of Cisco Firepower devices are supported.
An on-premises proxy server does not need to be set up and maintained.
Cisco Firepower devices do not need to be connected to the Internet.
Supports all devices that are running supported versions of Cisco Firepower.
A network administrator notices that inspection has been interrupted on all non-managed interfaces of a device. What is the cause of this?
The value of the highest MTU assigned to any non-management interface was changed.
The value of the highest MSS assigned to any non-management interface was changed.
A passive interface was associated with a security zone.
Multiple inline interface pairs were added to the same inline interface.
A network administrator is configuring Snort inspection policies and is seeing failed deployment messages in Cisco FMC. What information should the administrator generate for Cisco TAC to help troubleshoot?
A "show tech" file for the device in question.
A "troubleshoot" file for the device in question.
A "troubleshoot" file for the Cisco FMC.
A "show tech" for the Cisco FMC.
A network administrator needs to create a policy on Cisco Firepower to fast-path traffic to avoid Layer 7 inspection. The rate at which traffic is inspected must be optimized. What must be done to achieve this goal?
Enable lhe FXOS for multi-instance.
Configure a prefilter policy.
Configure modular policy framework.
Disable TCP inspection.
A network engineer is tasked with minimising traffic interruption during peak traffic limes. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate this issue?
Enable IPS inline link state propagation
Enable Pre-filter policies before the SNORT engine failure.
Set a Trust ALL access control policy.
Enable Automatic Application Bypass.
A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS responses are not getting through the Cisco FTD What must be done to address this issue while still utilizing Snort IPS rules?
Uncheck the "Drop when Inline" box in the intrusion policy to allow the traffic.
Modify the Snort rules to allow legitimate DNS traffic to the VPN users.
Disable the intrusion rule threshes to optimize the Snort processing.
Decrypt the packet after the VPN flow so the DNS queries are not inspected
An analyst is investigating a potentially compromised endpoint within the network and pulls a host report for the endpoint in question to collect metrics and documentation. What information should be taken from this report for the investigation?
client applications by user, web applications, and user connections
number of attacked machines, sources of the attack, and traffic patterns
intrusion events, host connections, and user sessions
threat detections over time and application protocols transferring malware
A company wants a solution to aggregate the capacity of two Cisco FTD devices to make the best use of resources such as bandwidth and connections per second. Which order of steps must be taken across the Cisco FTDs with Cisco FMC to meet this requirement?
Configure the Cisco FTD interfaces, add members to FMC, configure cluster members in FMC, and create cluster in Cisco FMC.
Add members to Cisco FMC, configure Cisco FTD interfaces in Cisco FMC. configure cluster members in Cisco FMC, create cluster in Cisco FMC. and configure cluster members in Cisco FMC.
Configure the Cisco FTD interfaces and cluster members, add members to Cisco FMC. and create the cluster in Cisco FMC.
Add members to the Cisco FMC, configure Cisco FTD interfaces, create the cluster in Cisco FMC, and configure cluster members in Cisco FMC.
A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?
Use regular expressions to block the malicious file.
Add the hash from the infected endpoint to the network block list.
Add the hash to the simple custom detection list.
Enable a personal firewall in the infected endpoint.
Question