Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers, Page 23

Question list

List of questions

Question 221

(0)

A security engineer must deploy a Cisco FTD appliance as a bump in the wire to detect intrusion events without disrupting the flow of network traffic. Which two features must be configured to accomp

Question 222

(0)

Due to an Increase in malicious events, a security engineer must generate a threat report to include intrusion events, malware events, and security intelligence events. How Is this information colle

Question 223

(0)

An engineer attempts to pull the configuration for a Cisco FTD sensor to review with Cisco TAC but does not have direct access to the CU for the device. The CLl for the device is managed by Cisco FM

Question 224

(0)

An administrator is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of NAT001 and a password of Cisco0420l06525. The private IP address of the FMC server is 192.168

Question 225

(0)

A security analyst must create a new report within Cisco FMC to show an overview of the daily attacks, vulnerabilities, and connections. The analyst wants to reuse specific dashboards from other rep

Question 226

(0)

A network administrator has converted a Cisco FTD from using LDAP to LDAPS for VPN authentication. The Cisco FMC can connect to the LDAPS server, but the Cisco FTD is not connecting. Which configur

Question 227

(0)

When using Cisco Threat Response, which phase of the Intelligence Cycle publishes the results of the investigation?

Question 228

(0)

A security engineer must integrate an external feed containing STIX/TAXII data with Cisco FMC. Which feature must be enabled on the Cisco FMC to support this connection?

Question 229

(0)

A network administrator wants to block traffic to a known malware site at https://www.badsite.comand all subdomains while ensuring no packets from any internal client are sent to that site. Whicht

Question 230

(0)

An organization is configuring a new Cisco Firepower High Availability deployment. Which action must be taken to ensure that failover is as seamless as possible to end users?

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

What is the difference between inline and inline tap on Cisco Firepower?

What is a result of enabling Cisco FTD clustering?

A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?

A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?

An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

Question 221

A security engineer must deploy a Cisco FTD appliance as a bump in the wire to detect intrusion events without disrupting the flow of network traffic. Which two features must be configured to accomplish the task? (Choose two.)

inline set pair

transparent mode

tapemode

passive interfaces

bridged mode

Show Answer Comment (0)

Question 222

Due to an Increase in malicious events, a security engineer must generate a threat report to include intrusion events, malware events, and security intelligence events. How Is this information collected in a single report?

Run the default Firepower report.

Export the Attacks Risk report.

Generate a malware report.

Create a Custom report.

Show Answer Comment (0)

Question 223

An engineer attempts to pull the configuration for a Cisco FTD sensor to review with Cisco TAC but does not have direct access to the CU for the device. The CLl for the device is managed by Cisco FMC to which the engineer has access.

Which action in Cisco FMC grants access to the CLl for the device?

Export the configuration using the Import/Export tool within Cisco FMC.

Create a backup of the configuration within the Cisco FMC.

Use the show run all command in the Cisco FTD CLI feature within Cisco FMC.

Download the configuration file within the File Download section of Cisco FMC.

Show Answer Comment (0)

Question 224

An administrator is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of NAT001 and a password of Cisco0420l06525. The private IP address of the FMC server is 192.168.45.45. which is being translated to the public IP address of 209.165.200.225/27. Which command set must be used in order to accomplish this task?

configure manager add 209.165.200.225 <reg_key> <nat_id>

configure manager add 192.168.45,45 <reg_key> <nat_id>

configure manager add 209.165.200.225 255.255.255.224 <reg_key> <nat_id>

configure manager add 209.165.200.225/27 <reg_key> <nat_id>

Show Answer Comment (0)

Question 225

A security analyst must create a new report within Cisco FMC to show an overview of the daily attacks, vulnerabilities, and connections. The analyst wants to reuse specific dashboards from other reports to create this consolidated one.

Which action accomplishes this task?

Create a new dashboard object via Object Management to represent the desired views.

Modify the Custom Workflows within the Cisco FMC to feed the desired data into the new report.

Copy the Malware Report and modify the sections to pull components from other reports.

Use the import feature in the newly created report to select which dashboards to add.

Show Answer Comment (0)

Question 226

A network administrator has converted a Cisco FTD from using LDAP to LDAPS for VPN authentication. The Cisco FMC can connect to the LDAPS server, but the Cisco FTD is not connecting.

Which configuration must be enabled on the Cisco FTD?

SSL must be set to a use TLSv1.2 or lower.

The LDAPS must be allowed through the access control policy.

DNS servers must be defined for name resolution.

The RADIUS server must be defined.

Show Answer Comment (0)

Question 227

When using Cisco Threat Response, which phase of the Intelligence Cycle publishes the results of the investigation?

direction

dissemination

processing

analysis

Show Answer Comment (0)

Question 228

A security engineer must integrate an external feed containing STIX/TAXII data with Cisco FMC.

Which feature must be enabled on the Cisco FMC to support this connection?

Cisco Success Network

Cisco Secure Endpoint Integration

Threat Intelligence Director

Security Intelligence Feeds

Show Answer Comment (0)

Question 229

A network administrator wants to block traffic to a known malware site at https://www.badsite.comand all subdomains while ensuring no packets from any internal client are sent to that site. Whichtype of policy must the network administrator use to accomplish this goal?

Prefilter policy

SSL policy

DNS policy

Access Control policy with URL filtering

Show Answer Comment (0)

Question 230

An organization is configuring a new Cisco Firepower High Availability deployment. Which action must be taken to ensure that failover is as seamless as possible to end users?

Set up a virtual failover MAC address between chassis.

Use a dedicated stateful link between chassis.

Load the same software version on both chassis.

Set the same FQDN for both chassis.

Show Answer Comment (0)

Total 326 questions

21 22 23 24 25

Go to page: of 33