Ask Question
Cisco 300-710 Practice Test - Questions Answers, Page 4
Add to Whishlist
List of questions
Question 31
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
The BVI IP address must be in a separate subnet from the connected network.
Bridge groups are supported in both transparent and routed firewall modes.
Bridge groups are supported only in transparent firewall mode.
Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridgegroup members.
Each directly connected network must be on the same subnet.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html
Question 32
Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?
configure manager local 10.0.0.10 Cisco123
configure manager add Cisco123 10.0.0.10
configure manager local Cisco123 10.0.0.10
configure manager add 10.0.0.10 Cisco123
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/misc/fmc-ftd-mgmt-nw/fmcftd-mgmt- nw.html#id_106101
Question 33
Which two actions can be used in an access control policy rule? (Choose two.)
Block with Reset
Monitor
Analyze
Discover
Block ALL
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-userguide/asa- firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854
Question 34
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)
BGPv6
ECMP with up to three equal cost paths across multiple interfaces
ECMP with up to three equal cost paths across a single interface
BGPv4 in transparent firewall mode
BGPv4 with nonstop forwarding
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-configguide-v601/fpmc-config-guide-v60_chapter_01100011.html#ID-2101-0000000e
Question 35
Which object type supports object overrides?
time range
security group tag
network object
DNS server group
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-configguide-v60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053
Question 36
Which Cisco Firepower rule action displays an HTTP warning page?
Monitor
Block
Interactive Block
Allow with Warning
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHTSystem-UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698
Question 37
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?
The rate-limiting rule is disabled.
Matching traffic is not rate limited.
The system rate-limits all traffic.
The system repeatedly generates warnings.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/quality_of_service_qos.pdf
Question 38
Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?
FlexConfig
BDI
SGT
IRB
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html
Question 39
In which two places can thresholding settings be configured? (Choose two.)
on each IPS rule
globally, within the network analysis policy
globally, per intrusion policy
on each access control rule
per preprocessor, within the network analysis policy
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-userguide/asa- firepower-module-user-guide-v541/Intrusion-Global-Threshold.pdf
Question 40
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
Traffic inspection can be interrupted temporarily when configuration changes are deployed.
The system performs intrusion inspection followed by file inspection.
They can block traffic based on Security Intelligence data.
File policies use an associated variable set to perform intrusion prevention.
The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-configguide-v60/Access_Control_Using_Intrusion_and_File_Policies.html
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
3
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
20
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Selling illegal goods, money scams etc.
Serious attack on a group.
Harassing an individual (including doxing)
Threatening or glorifying violence or serious harm, including self-harm
Nudity/Sexual content
Sexually explicit or suggestive imagery or writing involving minors
Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans
Reusing content without attribution (link and blockquotes)
Not in English or has very bad formatting, grammar, and spelling
Author's credential is offensive, spam, or impersonation
Ex. Illegal content, incomplete question...
Question