Cisco 300-710 Practice Test - Questions Answers, Page 17
An engineer must define a URL object on Cisco FMC. What is the correct method to specify the URL without performing SSL inspection?
Use Subject Common Name value.
Specify all subdomains in the object group.
Specify the protocol in the object.
Include all URLs from CRL Distribution Points.
An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment. What must be done to resolve this issue?
Create a firewall rule to allow CDP traffic.
Create a bridge group with the firewall interfaces.
Change the firewall mode to routed.
Change the firewall mode to transparent.
An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-to-peer applications are being used on the network and they must identify which poses the greatest risk to the environment. Which report gives the analyst this information?
Attacks Risk Report
User Risk Report
Network Risk Report
Advanced Malware Risk Report
An administrator is adding a new URL-based category feed to the Cisco FMC for use within the policies. The intelligence source does not use STIX, but instead uses a .txt file format. Which action ensures that regular updates are provided?
Add a URL source and select the flat file type within Cisco FMC.
Upload the .txt file and configure automatic updates using the embedded URL.
Add a TAXII feed source and input the URL for the feed.
Convert the .txt file to STIX and upload it to the Cisco FMC.
A Cisco FTD device is running in transparent firewall mode with a VTEP bridge group member ingress interface. What must be considered by an engineer tasked with specifying a destination MAC address for a packet trace?
Only the UDP packet type is supported.
The output format option for the packet logs is unavailable.
The destination MAC address is optional if a VLAN ID value is entered.
The VLAN ID and destination MAC address are optional.
An engineer is reviewing a ticket that requests to allow traffic for some devices that must connect to a server over 8699/udp. The request mentions only one IP address, 172.16.18.15, but the requestor asked for the engineer to open the port for all machines that have been trying to connect to it over the last week. Which action must the engineer take to troubleshoot this issue?
Use the context explorer to see the application blocks by protocol.
Use the context explorer to see the destination port blocks.
Filter the connection events by the source port 8699/udp.
Filter the connection events by the destination port 8699/udp.
A security engineer is configuring a remote Cisco FTD that has limited resources and internet bandwidth. Which malware action and protection option should be configured to reduce the requirement for cloud lookups?
Malware Cloud Lookup and dynamic analysis
Block Malware action and dynamic analysis
Block Malware action and local malware analysis
Block File action and local malware analysis
An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering. What must be done to troubleshoot the issue and restore access without sacrificing the organization's security posture?
Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.
Identify the blocked traffic in the Cisco FMC connection events to validate the block, and modify the policy to allow the traffic to the web server.
Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.
Download a PCAP of the traffic attempts to verify the blocks and use the flexconfig objects to create a rule that allows only the required traffic to the destination server.
Refer to the exhibit.
An engineer is modifying an access control policy to add a rule to inspect all DNS traffic that passes it making the change and deploying the policy, they see that DNS traffic is not being inspected by the Snort engine. What is......
The rule must specify the security zone that originates the traffic.
The rule is configured with the wrong setting for the source port.
The rule must define the source network for inspection as well as the port.
The action of the rule is set to trust instead of allow.
While integrating Cisco Umbrella with Cisco Threat Response, a network security engineer wants to automatically push blocking of domains from the Cisco Threat Response interface to Cisco Umbrella. Which API meets this requirement?
investigate
reporting
enforcement
REST