Cisco 300-710 Practice Test - Questions Answers, Page 3
Question list
List of questions
Related questions
Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?
span EtherChannel clustering
redundant interfaces
high availability active/standby firewalls
multi-instance firewalls
An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant. Which IPS mode should be implemented to meet these requirements?
Inline tap
passive
transparent
routed
A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?
Shut down the Cisco FMC before powering up the replacement unit.
Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.
Unregister the faulty Cisco FTD device from the Cisco FMC
Shut down the active Cisco FTD device before powering up the replacement unit.
An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?
prefilter
intrusion
identity
URL filtering
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?
active/active failover
transparent
routed
high availability clustering
An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?
Add a native instance to distribute traffic to each Cisco FTD context.
Add the Cisco FTD device to the Cisco ASA port channels.
Configure a container instance in the Cisco FTD for each context in the Cisco ASA.
Configure the Cisco FTD to use port channels spanning multiple networks.
Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?
Cisco Firepower Threat Defense mode
transparent mode
routed mode
integrated routing and bridging
Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)
OSPFv2 with IPv6 capabilities
virtual links
SHA authentication to OSPF packets
area boundary router type 1 LSA filtering
MD5 authentication to OSPF packets
When creating a report template, how can the results be limited to show only the activity of a specific subnet?
Create a custom search in Firepower Management Center and select it in each section of the report.
Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.
Add a Table View section to the report with the Search field defined as the network in CIDR format.
Select IP Address as the X-Axis in each section of the report.
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?
VPN connections can be re-established only if the failed master unit recovers.
Smart License is required to maintain VPN connections simultaneously across all cluster units.
VPN connections must be re-established when a new master unit is elected.
Only established VPN connections are maintained when a new master unit is elected.
Question