300-710 Exam Dumps - Securing Networks with Cisco Firepower (300-710 SNCF)

Go to page:

<< First
Prev
3
4
5
6
7
8
9
10
11
12
Next
Last >>

Question # 57

An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?

Use a dedicated IPS inline set for each department to maintain traffic separation

Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation

Use passive IDS ports for both departments

Use one pair of inline set in TAP mode for both departments

Full Access

Question # 58

An organization has noticed that malware was downloaded from a website that does not currently have a known bad reputation. How will this issue be addresses globally in the quickest way possible and with the least amount of impact?

by denying outbound web access

Cisco Talos will automatically update the policies.

by Isolating the endpoint

by creating a URL object in the policy to block the website

Full Access

Question # 59

Which object type supports object overrides?

time range

security group tag

network object

DNS server group

Full Access

Question # 60

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

The NAT ID is required since the Cisco FMC is behind a NAT device.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

DONOTRESOLVE must be added to the command

The registration key is missing from the command

Full Access

Question # 61

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

Upgrade to version 6.6.

Enable REST API access.

Add the URL of the TAXII server.

Add 7 GB of memory.

Add a TAXII server

Full Access

Question # 62

An engineer is configuring multiple Cisco FTD appliances (or use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with interfaces across multiple devices?

An interface cannot belong to a security zone and an interface group

Interface groups can contain multiple interface types

Interface groups can contain interfaces from many devices.

Two security zones can contain the same interface

Full Access

Question # 63

What is a characteristic of bridge groups on a Cisco FTD?

In routed firewall mode, routing between bridge groups must pass through a routed interface.

In routed firewall mode, routing between bridge groups is supported.

In transparent firewall mode, routing between bridge groups is supported

Routing between bridge groups is achieved only with a router-on-a-stick configuration on a connected router

Full Access

Question # 64

Refer to the exhibit.

An engineer is modifying an access control policy to add a rule to Inspect all DNS traffic that passes it making the change and deploying the policy, they see that DNS traffic Is not being Inspected by the Snort engine. What is......

The action of the rule is set to trust instead of allow.

The rule must specify the security zone that originates the traffic.

The rule Is configured with the wrong setting for the source port.

The rule must define the source network for inspection as well as the port.

Full Access

Go to page: