Cisco 300-710 Practice Test - Questions Answers, Page 21
Which Cisco FMC report gives the analyst information about the ports and protocols that are related to the configured sensitive network for analysis?
Malware Report
Host Report
Firepower Report
Network Report
An engineer is investigating connectivity problems on Cisco Firepower for a specific SGT. Which command allows the engineer to capture real packets that pass through the firewall using an SGT of 64?
capture CAP type inline-tag 64 match ip any any
capture CAP match 64 type inline-tag ip any any
capture CAP headers-only type inline-tag 64 match ip any any
capture CAP buffer 64 match ip any any
A company is in the process of deploying intrusion protection with Cisco FTDs managed by a Cisco FMC. Which action must be selected to enable fewer rules, detect only critical conditions, and avoid false positives?
Connectivity Over Security
Balanced Security and Connectivity
Maximum Detection
No Rules Active
An engineer wants to add an additional Cisco FTD Version 6.2.3 device to their current 6.2.3 deployment to create a high availability pair.
The currently deployed Cisco FTD device is using local management and identical hardware including the available port density to enable the failover and stateful links required in a proper high availability deployment. Which action ensures that the environment is ready to pair the new Cisco FTD with the old one?
Change from Cisco FDM management to Cisco FMC management on both devices and register them to FMC.
Ensure that the two devices are assigned IP addresses from the 169.254.0.0/16 range for failover interfaces.
Factory reset the current Cisco FTD so that it can synchronize configurations with the new Cisco FTD device.
Ensure that the configured DNS servers match on the two devices for name resolution.
Refer to the exhibit.
What is the effect of the existing Cisco FMC configuration?
The remote management port for communication between the Cisco FMC and the managed device changes to port 8443.
The managed device is deleted from the Cisco FMC.
The SSL-encrypted communication channel between the Cisco FMC and the managed device becomes a plain-text communication channel.
The management connection between the Cisco FMC and the Cisco FTD is disabled.
An engineer is troubleshooting a file that is being blocked by a Cisco FTD device on the network.
The user is reporting that the file is not malicious.
Which action does the engineer take to identify the file and validate whether or not it is malicious?
Identify the file in the intrusion events and submit it to Threat Grid for analysis.
Use FMC file analysis to look for the file and select Analyze to determine its disposition.
Use the context explorer to find the file and download it to the local machine for investigation.
Right click the connection event and send the file to AMP for Endpoints to see if the hash is malicious.
Which protocol is needed to exchange threat details in rapid threat containment on Cisco FMC?
SGT
SNMP v3
BFD
pxGrid
An administrator is setting up a Cisco FMC and must provide expert mode access for a security engineer. The engineer is permitted to use only a secured out-of-band network workstation with a static IP address to access the Cisco FMC.
What must be configured to enable this access?
Enable SSH and define an access list.
Enable HTTP and define an access list.
Enable SCP under the Access List section.
Enable HTTPS and SNMP under the Access List section.
An engineer must add DNS-specific rules to the Cisco FTD intrusion policy. The engineer wants to use the rules currently in the Cisco FTD Snort database that are not already enabled but does not want to enable more than are needed.
Which action meets these requirements?
Change the dynamic state of the rule within the policy.
Change the base policy to Security over Connectivity.
Change the rule state within the policy being used.
Change the rules using the Generate and Use Recommendations feature.
A network administrator is trying to convert from LDAP to LDAPS for VPN user authentication on a Cisco FTD. Which action must be taken on the Cisco FTD objects to accomplish this task?
Add a Key Chain object to acquire the LDAPS certificate.
Create a Certificate Enrollment object to get the LDAPS certificate needed.
Identify the LDAPS cipher suite and use a Cipher Suite List object to define the Cisco FTD connection requirements.
Modify the Policy List object to define the session requirements for LDAPS.