Summer Special Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

300-710 Questions and Answers

Question # 6

Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?

A.

Cisco Firepower Threat Defense mode

B.

transparent mode

C.

routed mode

D.

integrated routing and bridging

Full Access
Question # 7

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

A.

Configure an IPS policy and enable per-rule logging.

B.

Disable the default IPS policy and enable global logging.

C.

Configure an IPS policy and enable global logging.

D.

Disable the default IPS policy and enable per-rule logging.

Full Access
Question # 8

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

A.

Redundant Interface

B.

EtherChannel

C.

Speed

D.

Media Type

E.

Duplex

Full Access
Question # 9

An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?

A.

prefilter

B.

intrusion

C.

identity

D.

URL filtering

Full Access
Question # 10

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

A.

The units must be the same version

B.

Both devices can be part of a different group that must be in the same domain when configured within the FMC.

C.

The units must be different models if they are part of the same series.

D.

The units must be configured only for firewall routed mode.

E.

The units must be the same model.

Full Access
Question # 11

When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network. It is currently configured to have more than one instance of the same device on the physical appliance Which deployment mode meets the needs of the organization?

A.

inline tap monitor-only mode

B.

passive monitor-only mode

C.

passive tap monitor-only mode

D.

inline mode

Full Access
Question # 12

An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently. How must the devices be implemented in this environment?

A.

in active/active mode

B.

in a cluster span EtherChannel

C.

in active/passive mode

D.

in cluster interface mode

Full Access
Question # 13

Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?

A.

a default DMZ policy for which only a user can change the IP addresses.

B.

deny ip any

C.

no policy rule is included

D.

permit ip any

Full Access
Question # 14

An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment. What must be done to resolve this issue?

A.

Create a firewall rule to allow CDP traffic.

B.

Create a bridge group with the firewall interfaces.

C.

Change the firewall mode to transparent.

D.

Change the firewall mode to routed.

Full Access
Question # 15

On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

A.

transparent inline mode

B.

TAP mode

C.

strict TCP enforcement

D.

propagate link state

Full Access
Question # 16

A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?

A.

active/active failover

B.

transparent

C.

routed

D.

high availability clustering

Full Access
Question # 17

Which two actions can be used in an access control policy rule? (Choose two.)

A.

Block with Reset

B.

Monitor

C.

Analyze

D.

Discover

E.

Block ALL

Full Access
Question # 18

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

A.

configure manager local 10.0.0.10 Cisco123

B.

configure manager add Cisco123 10.0.0.10

C.

configure manager local Cisco123 10.0.0.10

D.

configure manager add 10.0.0.10 Cisco123

Full Access
Question # 19

What are the minimum requirements to deploy a managed device inline?

A.

inline interfaces, security zones, MTU, and mode

B.

passive interface, MTU, and mode

C.

inline interfaces, MTU, and mode

D.

passive interface, security zone, MTU, and mode

Full Access
Question # 20

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

A.

FlexConfig

B.

BDI

C.

SGT

D.

IRB

Full Access
Question # 21

An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?

A.

Leave default networks.

B.

Change the method to TCP/SYN.

C.

Increase the number of entries on the NAT device.

D.

Exclude load balancers and NAT devices.

Full Access
Question # 22

An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)

A.

Modify the system-provided block page result using Python.

B.

Create HTML code with the information for the policies and procedures.

C.

Edit the HTTP request handling in the access control policy to customized block.

D.

Write CSS code with the information for the policies and procedures.

E.

Change the HTTP response in the access control policy to custom.

Full Access
Question # 23

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

A.

Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis.

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.

Full Access
Question # 24

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

A.

The NAT ID is required since the Cisco FMC is behind a NAT device.

B.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

C.

DONOTRESOLVE must be added to the command

D.

The registration key is missing from the command

Full Access
Question # 25

An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces. What must be configured to meet these requirements?

A.

interface-based VLAN switching

B.

inter-chassis clustering VLAN

C.

integrated routing and bridging

D.

Cisco ISE Security Group Tag

Full Access
Question # 26

Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

A.

BGPv6

B.

ECMP with up to three equal cost paths across multiple interfaces

C.

ECMP with up to three equal cost paths across a single interface

D.

BGPv4 in transparent firewall mode

E.

BGPv4 with nonstop forwarding

Full Access
Question # 27

Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)

A.

OSPFv2 with IPv6 capabilities

B.

virtual links

C.

SHA authentication to OSPF packets

D.

area boundary router type 1 LSA filtering

E.

MD5 authentication to OSPF packets

Full Access
Question # 28

When creating a report template, how can the results be limited to show only the activity of a specific subnet?

A.

Create a custom search in Firepower Management Center and select it in each section of the report.

B.

Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.

C.

Add a Table View section to the report with the Search field defined as the network in CIDR format.

D.

Select IP Address as the X-Axis in each section of the report.

Full Access
Question # 29

A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

A.

A manual NAT exemption rule does not exist at the top of the NAT table.

B.

An external NAT IP address is not configured.

C.

An external NAT IP address is configured to match the wrong interface.

D.

An object NAT exemption rule does not exist at the top of the NAT table.

Full Access
Question # 30

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

A.

dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.

B.

reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

C.

network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

D.

network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

E.

reputation-based objects, such as URL categories

Full Access
Question # 31

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

A.

VPN connections can be re-established only if the failed master unit recovers.

B.

Smart License is required to maintain VPN connections simultaneously across all cluster units.

C.

VPN connections must be re-established when a new master unit is elected.

D.

Only established VPN connections are maintained when a new master unit is elected.

Full Access
Question # 32

A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?

A.

The malware license has not been applied to the Cisco FTD.

B.

The Cisco FMC cannot reach the Internet to analyze files.

C.

A file policy has not been applied to the access policy.

D.

Only Spero file analysis is enabled.

Full Access
Question # 33

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

B.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

Full Access
Question # 34

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Full Access
Question # 35

Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?

A.

configure high-availability resume

B.

configure high-availability disable

C.

system support network-options

D.

configure high-availability suspend

Full Access
Question # 36

Which report template field format is available in Cisco FMC?

A.

box lever chart

B.

arrow chart

C.

bar chart

D.

benchmark chart

Full Access
Question # 37

Which command-line mode is supported from the Cisco Firepower Management Center CLI?

A.

privileged

B.

user

C.

configuration

D.

admin

Full Access
Question # 38

Which two packet captures does the FTD LINA engine support? (Choose two.)

A.

Layer 7 network ID

B.

source IP

C.

application ID

D.

dynamic firewall importing

E.

protocol

Full Access
Question # 39

Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

Full Access
Question # 40

What is the benefit of selecting the trace option for packet capture?

A.

The option indicates whether the packet was dropped or successful.

B.

The option indicated whether the destination host responds through a different path.

C.

The option limits the number of packets that are captured.

D.

The option captures details of each packet.

Full Access
Question # 41

When do you need the file-size command option during troubleshooting with packet capture?

A.

when capture packets are less than 16 MB

B.

when capture packets are restricted from the secondary memory

C.

when capture packets exceed 10 GB

D.

when capture packets exceed 32 MB

Full Access
Question # 42

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

A.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re- apply the policies after registration is completed.

B.

Before re-adding the device in Cisco FMC, you must add the manager back in the device.

C.

No option to delete and re-add a device is available in the Cisco FMC web interface.

D.

The Cisco FMC web interface prompts users to re-apply access control policies.

E.

No option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Full Access
Question # 43

What is a functionality of port objects in Cisco FMC?

A.

to mix transport protocols when setting both source and destination port conditions in a rule

B.

to represent protocols other than TCP, UDP, and ICMP

C.

to represent all protocols in the same way

D.

to add any protocol other than TCP or UDP for source port conditions in access control rules.

Full Access
Question # 44

How many report templates does the Cisco Firepower Management Center support?

A.

20

B.

10

C.

5

D.

unlimited

Full Access
Question # 45

Within Cisco Firepower Management Center, where does a user add or modify widgets?

A.

dashboard

B.

reporting

C.

context explorer

D.

summary tool

Full Access
Question # 46

Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

A.

rate-limiting

B.

suspending

C.

correlation

D.

thresholding

Full Access
Question # 47

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Full Access
Question # 48

What is a behavior of a Cisco FMC database purge?

A.

User login and history data are removed from the database if the User Activity check box is selected.

B.

Data can be recovered from the device.

C.

The appropriate process is restarted.

D.

The specified data is removed from Cisco FMC and kept for two weeks.

Full Access
Question # 49

Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?

A.

show running-config

B.

show tech-support chassis

C.

system support diagnostic-cli

D.

sudo sf_troubleshoot.pl

Full Access
Question # 50

What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

A.

1024

B.

8192

C.

4096

D.

2048

Full Access
Question # 51

Which group within Cisco does the Threat Response team use for threat analysis and research?

A.

Cisco Deep Analytics

B.

OpenDNS Group

C.

Cisco Network Response

D.

Cisco Talos

Full Access
Question # 52

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Full Access
Question # 53

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Full Access
Question # 54

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Full Access
Question # 55

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

Full Access
Question # 56

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

A.

dynamic null route configured

B.

DHCP pool disablement

C.

quarantine

D.

port shutdown

E.

host shutdown

Full Access
Question # 57

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

Full Access
Question # 58

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

A.

pxGrid

B.

FTD RTC

C.

FMC RTC

D.

ISEGrid

Full Access
Question # 59

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Full Access
Question # 60

What is a limitation to consider when running a dynamic routing protocol on a Cisco FTD device in IRB mode?

A.

Only link-stale routing protocols are supported.

B.

Only distance vector routing protocols are supported.

C.

Only EtherChannel interfaces are supposed.

D.

Only nonbridge interfaces are supported.

Full Access
Question # 61

A security engineer is adding three Cisco FTD devices to a Cisco FMC. Two of the devices have successfully registered to the Cisco FMC. The device that is unable to register is located behind a router that translates all outbound traffic to the router's WAN IP address. Which two steps are required for this device to register to the Cisco FMC? (Choose two.)

A.

Reconfigure the Cisco FMC lo use the device's private IP address instead of the WAN address.

B.

Configure a NAT ID on both the Cisco FMC and the device.

C.

Add the port number being used for PAT on the router to the device's IP address in the Cisco FMC.

D.

Reconfigure the Cisco FMC to use the device's hostname instead of IP address.

E.

Remove the IP address defined for the device in the Cisco FMC.

Full Access
Question # 62

A network administrator is concerned about (he high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address this concern?

A.

Create an intrusion policy and set the access control policy to block.

B.

Create an intrusion policy and set the access control policy to allow.

C.

Create a file policy and set the access control policy to allow.

D.

Create a file policy and set the access control policy to block.

Full Access
Question # 63

A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet How is this accomplished on an FTD device in routed mode?

A.

by leveraging the ARP to direct traffic through the firewall

B.

by assigning an inline set interface

C.

by using a BVI and create a BVI IP address in the same subnet as the user segment

D.

by bypassing protocol inspection by leveraging pre-filter rules

Full Access
Question # 64

An administrator Is setting up a Cisco PMC and must provide expert mode access for a security engineer. The engineer Is permitted to use only a secured out-of-band network workstation with a static IP address to access the Cisco FMC. What must be configured to enable this access?

A.

Enable SSH and define an access list.

B.

Enable HTTP and define an access list.

C.

Enable SCP under the Access List section.

D.

Enable HTTPS and SNMP under the Access List section.

Full Access
Question # 65

An engineer runs the command restore remote-manager-backup location 2.2.2.2 admin /Volume/home/admin FTD408566513.zip on a Cisco FMC. After connecting to the repository, the Cisco FTD device is unable to accept the backup file. What is the reason for this failure?

A.

The backup file is not in .cfg format.

B.

The wrong IP address is used.

C.

The backup file extension was changed from .tar to .zip.

D.

The directory location is incorrect.

Full Access
Question # 66

A Cisco FTD device is running in transparent firewall mode with a VTEP bridge group member ingress interface. What must be considered by an engineer tasked with specifying a destination MAC address for a packet trace?

A.

Only the UDP packet type is supported.

B.

The output format option for the packet logs is unavailable.

C.

The destination MAC address is optional if a VLAN ID value is entered.

D.

The VLAN ID and destination MAC address are optional.

Full Access
Question # 67

A network administrator is configuring an FTD in transparent mode. A bridge group is set up and an access policy has been set up to allow all IP traffic. Traffic is not passing through the FTD. What additional configuration is needed?

A.

The security levels of the interfaces must be set.

B.

A default route must be added to the FTD.

C.

An IP address must be assigned to the BVI.

D.

A mac-access control list must be added to allow all MAC addresses.

Full Access
Question # 68

An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the rule are showing zero. What is causing this error?

A.

Logging is not enabled for the rule.

B.

The rule was not enabled after being created.

C.

The wrong source interface for Snort was selected in the rule.

D.

An incorrect application signature was used in the rule.

Full Access