Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

300-710 Exam Dumps - Securing Networks with Cisco Firepower (300-710 SNCF)

Go to page:
Question # 49

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

A.

VPN connections can be re-established only if the failed master unit recovers.

B.

Smart License is required to maintain VPN connections simultaneously across all cluster units.

C.

VPN connections must be re-established when a new master unit is elected.

D.

Only established VPN connections are maintained when a new master unit is elected.

Full Access
Question # 50

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

B.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

Full Access
Question # 51

A company wants a solution to aggregate the capacity of two Cisco FTD devices to make the best use of resources such as bandwidth and connections per second. Which order of steps must be taken across the Cisco FTDs with Cisco FMC to meet this requirement?

A.

Configure the Cisco FTD interfaces, add members to FMC, configure cluster members in FMC, and create cluster in Cisco FMC.

B.

Add members to Cisco FMC, configure Cisco FTD interfaces in Cisco FMC. configure cluster members in Cisco FMC, create cluster in Cisco FMC. and configure cluster members in Cisco FMC.

C.

Configure the Cisco FTD interfaces and cluster members, add members to Cisco FMC. and create the cluster in Cisco FMC.

D.

Add members to the Cisco FMC, configure Cisco FTD interfaces, create the cluster in Cisco FMC, and configure cluster members in Cisco FMC.

Full Access
Question # 52

A security analyst must create a new report within Cisco FMC to show an overview of the daily attacks, vulnerabilities, and connections. The analyst wants to reuse specific dashboards from other reports to create this consolidated one. Which action accomplishes this task?

A.

Create a new dashboard object via Object Management to represent the desired views.

B.

Modify the Custom Workflows within the Cisco FMC to feed the desired data into the new report.

C.

Copy the Malware Report and modify the sections to pull components from other reports.

D.

Use the import feature in the newly created report to select which dashboards to add.

Full Access
Question # 53

Which component simplifies incident investigation with Cisco Threat Response?

A.

Cisco AMP client

B.

local CVE database

C.

Cisco Secure Firewall appliance

D.

browser plug-in

Full Access
Question # 54

An engineer is troubleshooting HTTP traffic to a web server using the packet capture tool on Cisco FMC. When reviewing the captures, the engineer notices that there are a lot of packets that are not sourced from or destined to the web server being captured. How can the engineer reduce the strain of capturing packets for irrelevant traffic on the Cisco FTD device?

A.

Use the host filter in the packet capture to capture traffic to or from a specific host.

B.

Redirect the packet capture output to a. pcap file that can be opened with Wireshark.

C.

Use the -c option to restrict the packet capture to only the first 100 packets.

D.

Use an access-list within the packet capture to permit only HTTP traffic to and from the web server.

Full Access
Question # 55

Refer to the exhibit. An engineer is deploying a new instance of Cisco Secure Firewall Threat Defense. Which action must the engineer take next so that Client_A and Client_B receive an IP address via DHCP from Server_A?

A.

Disable Option 82 in the DHCP relay configuration properties using Secure Firewall Management Center.

B.

Add access rules that allow DHCP traffic by using Cisco Secure Firewall Management Center.

C.

Add another DHCP pool on Server_A with DHCP relay on Secure Firewall Threat Defense.

D.

Disable all the DHCP Snort rules by using Secure Firewall Device Manager.

Full Access
Question # 56

Refer to the exhibit. An engineer must configure a connection on a Cisco ASA Firewall with a Cisco Secure Firewall Services Module to ensure that the secondary interface takes over all the functions of the primary interface if the primary interface fails. Drag and drop the code snippets from the bottom onto the boxes in the CLI commands to configure the failover. Not all options are used.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps