Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers, Page 24

Question list

List of questions

Question 231

(0)

An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats. When setting the Cisco FTD interface mode, which sequence of actions meets this r

Question 232

(0)

Refer to the exhibit. An engineer is analyzing a Network Risk Report from Cisco FMC. Which application must the engineer take immediate action against to prevent unauthorized network use?

Question 233

(0)

An engineer wants to perform a packet capture on the Cisco FTD to confirm that the host using IP address 192 168.100.100 has the MAC address of 0042 7734.103 to help troubleshoot a connectivity issu

Question 234

(0)

An administrator is adding a QoS policy to a Cisco FTD deployment. When a new rule is added to the policy and QoS is applied on 'Interfaces in Destination Interface Objects", no interface objects ar

Question 235

(0)

A Cisco FMC administrator wants to configure fastpathing of trusted network traffic to increase performance. In which type of policy would the administrator configure this feature?

Question 236

(0)

A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device External clients cannot access the web server via HTTPS The IP address configured on the web server is

Question 237

(0)

Remote users who connect via Cisco AnyConnect to the corporate network behind a Cisco FTD device report that they get no audio when calling between remote users using their softphones. These same us

Question 238

(0)

An engineer must configure the firewall to monitor traffic within a single subnet without increasing the hop count of that traffic. How would the engineer achieve this?

Question 239

(0)

Which action must be taken on the Cisco FMC when a packet bypass is configured in case the Snort engine is down or a packet takes too long to process?

Question 240

(0)

An engineer is configuring multiple Cisco FTD appliances (or use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with interfaces across mult

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

What is the difference between inline and inline tap on Cisco Firepower?

What is a result of enabling Cisco FTD clustering?

A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?

A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?

An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Question 231

An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats. When setting the Cisco FTD interface mode, which sequence of actions meets this requirement?

Set to passive, and configure an access control policy with an intrusion policy and a file policy defined

Set to passive, and configure an access control policy with a prefilter policy defined

Set to none, and configure an access control policy with a prefilter policy defined

Set to none, and configure an access control policy with an intrusion policy and a file policy defined

Show Answer Comment (0)

Question 232

Refer to the exhibit.

An engineer is analyzing a Network Risk Report from Cisco FMC. Which application must the engineer take immediate action against to prevent unauthorized network use?

Kerberos

YouTube

Chrome

TOR

Show Answer Comment (0)

Question 233

An engineer wants to perform a packet capture on the Cisco FTD to confirm that the host using IP address 192 168.100.100 has the MAC address of 0042 7734.103 to help troubleshoot a connectivity issue What is the correct tcpdump command syntax to ensure that the MAC address appears in the packet capture output?

-nm src 192.168.100.100

-ne src 192.168.100.100

-w capture.pcap -s 1518 host 192.168.100.100 mac

-w capture.pcap -s 1518 host 192.168.100.100 ether

Show Answer Comment (0)

Question 234

An administrator is adding a QoS policy to a Cisco FTD deployment. When a new rule is added to the policy and QoS is applied on 'Interfaces in Destination Interface Objects", no interface objects are available What is the problem?

The FTD is out of available resources lor use. so QoS cannot be added

The network segments that the interfaces are on do not have contiguous IP space

QoS is available only on routed interfaces, and this device is in transparent mode.

A conflict exists between the destination interface types that is preventing QoS from being added

Show Answer Comment (0)

Question 235

A Cisco FMC administrator wants to configure fastpathing of trusted network traffic to increase performance. In which type of policy would the administrator configure this feature?

Identity policy

Prefilter policy

Network Analysis policy

Intrusion policy

Show Answer Comment (0)

Question 236

A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device External clients cannot access the web server via HTTPS The IP address configured on the web server is 192 168 7.46 The administrator is running the command capture CAP interface outside match ip any 192.168.7.46 255.255.255.255 but cannot see any traffic in the capture Why is this occurring?

The capture must use the public IP address of the web server.

The FTD has no route to the web server.

The access policy is blocking the traffic.

The packet capture shows only blocked traffic

Show Answer Comment (0)

Question 237

Remote users who connect via Cisco AnyConnect to the corporate network behind a Cisco FTD device report that they get no audio when calling between remote users using their softphones. These same users can call internal users on the corporate network without any issues. What is the cause of this issue?

The hairpinning feature is not available on FTD.

Split tunneling is enabled for the Remote Access VPN on FTD

FTD has no NAT policy that allows outside to outside communication

The Enable Spoke to Spoke Connectivity through Hub option is not selected on FTD.

Show Answer Comment (0)

Question 238

An engineer must configure the firewall to monitor traffic within a single subnet without increasing the hop count of that traffic. How would the engineer achieve this?

Configure Cisco Firepower as a transparent firewall

Set up Cisco Firepower as managed by Cisco FDM

Configure Cisco Firepower in FXOS monitor only mode.

Set up Cisco Firepower in intrusion prevention mode

Show Answer Comment (0)

Question 239

Which action must be taken on the Cisco FMC when a packet bypass is configured in case the Snort engine is down or a packet takes too long to process?

Enable Inspect Local Router Traffic

Enable Automatic Application Bypass

Configure Fastpath rules to bypass inspection

Add a Bypass Threshold policy for failures

Show Answer Comment (0)

Question 240

An engineer is configuring multiple Cisco FTD appliances (or use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with interfaces across multiple devices?

An interface cannot belong to a security zone and an interface group

Interface groups can contain multiple interface types

Interface groups can contain interfaces from many devices.

Two security zones can contain the same interface

Show Answer Comment (0)

Total 326 questions

22 23 24 25 26

Go to page: of 33