Home / Cisco / 300-710

Cisco 300-710 Practice Test - Questions Answers, Page 26

Question list

List of questions

Question 251

(0)

An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the rule are showing z

Question 252

(0)

A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD. The administrator has configured an access policy to allow traffic to this device on UDP 500,

Question 253

(0)

An engineer is configuring two new Cisco FTD devices to replace the existing high availability firewall pair in a highly secure environment. The information exchanged between the FTD devices over th

Question 254

(0)

An engineer is troubleshooting HTTP traffic to a web server using the packet capture tool on CiscoFMC. When reviewing the captures, the engineer notices that there are a lot of packets that are nots

Question 255

(0)

A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database? Which action must be take

Question 256

(0)

An engineer is setting up a remote access VPN on a Cisco FTD device and wants to define which traffic gets sent over the VPN tunnel. Which named object type in Cisco FMC must be used to accomplish t

Question 257

(0)

Which process should be checked when troubleshooting registration issues between Cisco FMC and managed devices to verify that secure communication is occurring?

Question 258

(0)

An engineer needs to configure remote storage on Cisco FMC. Configuration backups must be available from a secure location on the network for disaster recovery. Reports need to back up to a shared l

Question 259

(0)

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://<FMCIP>/capture/CAPI/pcap/test.pca

Question 260

(0)

A security engineer must configure policies tor a recently deployed Cisco FTD. The security policy for the company dictates that when five or more connections from external sources are initiated wit

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

What is the difference between inline and inline tap on Cisco Firepower?

What is a result of enabling Cisco FTD clustering?

A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?

A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?

An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Question 251

An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the rule are showing zero.

What is causing this error?

Logging is not enabled for the rule.

The rule was not enabled after being created.

The wrong source interface for Snort was selected in the rule.

An incorrect application signature was used in the rule.

Show Answer Comment (0)

Question 252

A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD.

The administrator has configured an access policy to allow traffic to this device on UDP 500, 4500, and ESP VPN traffic is not working. Which action resolves this issue?

Set the allow action in the access policy to trust.

Enable IPsec inspection on the access policy.

Modify the NAT policy to use the interface PAT.

Change the access policy to allow all ports.

Show Answer Comment (0)

Question 253

An engineer is configuring two new Cisco FTD devices to replace the existing high availability firewall pair in a highly secure environment. The information exchanged between the FTD devices over the failover link must be encrypted.

Which protocol supports this on the Cisco FTD?

IPsec

SSH

SSL

MACsec

Show Answer Comment (0)

Question 254

An engineer is troubleshooting HTTP traffic to a web server using the packet capture tool on CiscoFMC. When reviewing the captures, the engineer notices that there are a lot of packets that are notsourced from or destined to the web server being captured. How can the engineer reduce the strainof capturing packets for irrelevant traffic on the Cisco FTD device?

Use the host filter in the packet capture to capture traffic to or from a specific host.

Redirect the packet capture output to a .pcap file that can be opened with Wireshark.

Use the -c option to restrict the packet capture to only the first 100 packets.

Use an access-list within the packet capture to permit only HTTP traffic to and from the webserver.

Show Answer Comment (0)

Question 255

A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database? Which action must be taken to accomplish this task?

Change the network discovery method to TCP/SYN.

Configure NetFlow exporters for monitored networks.

Monitor only the default IPv4 and IPv6 network ranges.

Exclude load balancers and NAT devices in the policy.

Show Answer Comment (0)

Question 256

An engineer is setting up a remote access VPN on a Cisco FTD device and wants to define which traffic gets sent over the VPN tunnel. Which named object type in Cisco FMC must be used to accomplish this task?

split tunnel

crypto map

access list

route map

Show Answer Comment (0)

Question 257

Which process should be checked when troubleshooting registration issues between Cisco FMC and managed devices to verify that secure communication is occurring?

fpcollect

dhclient

sfmgr

sftunnel

Show Answer Comment (0)

Question 258

An engineer needs to configure remote storage on Cisco FMC. Configuration backups must be available from a secure location on the network for disaster recovery. Reports need to back up to a shared location that auditors can access with their Active Directory logins. Which strategy must the engineer use to meet these objectives?

Use SMB for backups and NFS for reports.

Use NFS for both backups and reports.

Use SMB for both backups and reports.

Use SSH for backups and NFS for reports.

Show Answer Comment (0)

Question 259

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://<FMCIP>/capture/CAPI/pcap/test.pcap. an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

Cisco Firepower Threat Defense mode

routed mode

Integrated routing and bridging

transparent mode

Show Answer Comment (0)

Question 260

A security engineer must configure policies tor a recently deployed Cisco FTD. The security policy for the company dictates that when five or more connections from external sources are initiated within 2 minutes, there is cause for concern. Which type of policy must be configured in Cisco FMC \z generate an alert when this condition is triggered?

application detector

access control

intrusion

correlation

Show Answer Comment (0)

Total 326 questions

24 25 26 27 28

Go to page: of 33