Home / Cisco / 300-710

Question list

List of questions

Question 1

(0)

What is a result of enabling Cisco FTD clustering?

Question 2

(0)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

Question 3

(0)

On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

Question 4

(0)

What are the minimum requirements to deploy a managed device inline?

Question 5

(0)

What is the difference between inline and inline tap on Cisco Firepower?

Question 6

(0)

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

Question 7

(0)

Which two deployment types support high availability? (Choose two.)

Question 8

(0)

Which protocol establishes network redundancy in a switched Firepower device deployment?

Question 9

(0)

Which interface type allows packets to be dropped?

Question 10

(0)

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

Related questions

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

What is the difference between inline and inline tap on Cisco Firepower?

What is a result of enabling Cisco FTD clustering?

A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

An engineer has been tasked with performing an audit of network projects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense Cisco Secure firewall ASA, and Meraki MX Series) deployed throughout the company Which tool will assist the engineer in performing that audit?

A software development company hosts the website http:dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be able associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?

An engineer is troubleshooting an intermittent connectivity issue on a Cisco Secure Firewall Threat Defense appliance and must collect 24 hours' worth of data. The engineer started a packet capture. Whenever it stops prematurely during this time period. The engineer notices that the packet capture butter size is set to the default of 32 MB Which butter S170 is the maximum that the engineer must sot to able the packet capture to run successfully?

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Question 261 - 300-710 discussion

Which default action setting in a Cisco FTD Access Control Policy allows all traffic from an undefined application to pass without Snort Inspection?

Trust All Traffic

Inherit from Base Policy

Network Discovery Only

Intrusion Prevention

Suggested answer: A

Explanation:

The default action setting in a Cisco FTD Access Control Policy determines how the system handles and logs traffic that is not handled by any other access control configuration.The default action can block or trust all traffic without further inspection, or inspect traffic for intrusions and discovery data3.

The Trust All Traffic option allows all traffic from an undefined application to pass without Snort inspection. This option also disables Security Intelligence filtering, file and malware inspection, and URL filtering for all traffic handled by the default action.This option is useful when you want to minimize the performance impact of access control on your network3.

The other options are incorrect because:

The Inherit from Base Policy option inherits the default action setting from the base policy. The base policy is the predefined access control policy that you use as a starting point for creating your own policies.Depending on which base policy you choose, the inherited default action setting can be different3.

The Network Discovery Only option inspects all traffic for discovery data only. This option enables Security Intelligence filtering for all traffic handled by the default action, but disables file and malware inspection, URL filtering, and intrusion inspection.This option is useful when you want to collect information about your network before you configure access control rules3.

The Intrusion Prevention option inspects all traffic for intrusions and discovery data. This option enables Security Intelligence filtering, file and malware inspection, URL filtering, and intrusion inspection for all traffic handled by the default action.This option provides the most comprehensive protection for your network, but also has the most performance impact3.

Show Answer

asked 07/10/2024

Emily Luijten

46 questions

Your answer: A B C D

0 comments

Sorted by