Summer Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 1271b8m643

300-710 Exam Dumps - Securing Networks with Cisco Firepower (300-710 SNCF)

Question # 4

A security engineer must deploy a Cisco FTD appliance as a bump in the wire to detect intrusion events without disrupting the flow of network traffic. Which two features must be configured to accomplish the task? (Choose two.)

A.

inline set pair

B.

transparent mode

C.

tapemode

D.

passive interfaces

E.

bridged mode

Full Access
Question # 5

An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the internet.

Which configuration will meet this requirement?

A.

transparent firewall mode with IRB only

B.

routed firewall mode with BVI and routed interfaces

C.

transparent firewall mode with multiple BVIs

D.

routed firewall mode with routed interfaces only

Full Access
Question # 6

Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

A.

system generate-troubleshoot

B.

show configuration session

C.

show managers

D.

show running-config | include manager

Full Access
Question # 7

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

A.

configure coredump packet-engine enable

B.

capture-traffic

C.

capture

D.

capture WORD

Full Access
Question # 8

Which group within Cisco does the Threat Response team use for threat analysis and research?

A.

Cisco Deep Analytics

B.

OpenDNS Group

C.

Cisco Network Response

D.

Cisco Talos

Full Access
Question # 9

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Full Access
Question # 10

Within Cisco Firepower Management Center, where does a user add or modify widgets?

A.

dashboard

B.

reporting

C.

context explorer

D.

summary tool

Full Access
Question # 11

Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?

A.

span EtherChannel clustering

B.

redundant interfaces

C.

high availability active/standby firewalls

D.

multi-instance firewalls

Full Access
Question # 12

Which two packet captures does the FTD LINA engine support? (Choose two.)

A.

Layer 7 network ID

B.

source IP

C.

application ID

D.

dynamic firewall importing

E.

protocol

Full Access
Question # 13

Which report template field format is available in Cisco FMC?

A.

box lever chart

B.

arrow chart

C.

bar chart

D.

benchmark chart

Full Access
Question # 14

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

A.

Redundant Interface

B.

EtherChannel

C.

Speed

D.

Media Type

E.

Duplex

Full Access
Question # 15

Which protocol establishes network redundancy in a switched Firepower device deployment?

A.

STP

B.

HSRP

C.

GLBP

D.

VRRP

Full Access
Question # 16

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A.

Shut down the Cisco FMC before powering up the replacement unit.

B.

Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.

C.

Unregister the faulty Cisco FTD device from the Cisco FMC

D.

Shut down the active Cisco FTD device before powering up the replacement unit.

Full Access
Question # 17

An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?

A.

Deploy the firewall in transparent mode with access control policies.

B.

Deploy the firewall in routed mode with access control policies.

C.

Deploy the firewall in routed mode with NAT configured.

D.

Deploy the firewall in transparent mode with NAT configured.

Full Access
Question # 18

An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?

A.

Add a native instance to distribute traffic to each Cisco FTD context.

B.

Add the Cisco FTD device to the Cisco ASA port channels.

C.

Configure a container instance in the Cisco FTD for each context in the Cisco ASA.

D.

Configure the Cisco FTD to use port channels spanning multiple networks.

Full Access
Question # 19

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

A.

Traffic inspection can be interrupted temporarily when configuration changes are deployed.

B.

The system performs intrusion inspection followed by file inspection.

C.

They can block traffic based on Security Intelligence data.

D.

File policies use an associated variable set to perform intrusion prevention.

E.

The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

Full Access
Question # 20

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

A.

Configure an IPS policy and enable per-rule logging.

B.

Disable the default IPS policy and enable global logging.

C.

Configure an IPS policy and enable global logging.

D.

Disable the default IPS policy and enable per-rule logging.

Full Access
Question # 21

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

A.

dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.

B.

reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

C.

network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

D.

network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

E.

reputation-based objects, such as URL categories

Full Access
Question # 22

A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?

A.

The malware license has not been applied to the Cisco FTD.

B.

The Cisco FMC cannot reach the Internet to analyze files.

C.

A file policy has not been applied to the access policy.

D.

Only Spero file analysis is enabled.

Full Access
Question # 23

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

A.

Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis.

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.

Full Access
Question # 24

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Full Access
Question # 25

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?

A.

The interfaces are being used for NAT for multiple networks.

B.

The administrator is adding interfaces of multiple types.

C.

The administrator is adding an interface that is in multiple zones.

D.

The interfaces belong to multiple interface groups.

Full Access
Question # 26

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

A.

dynamic null route configured

B.

DHCP pool disablement

C.

quarantine

D.

port shutdown

E.

host shutdown

Full Access
Question # 27

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

A.

pxGrid

B.

FTD RTC

C.

FMC RTC

D.

ISEGrid

Full Access
Question # 28

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Full Access
Question # 29

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Full Access
Question # 30

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

A.

VPN connections can be re-established only if the failed master unit recovers.

B.

Smart License is required to maintain VPN connections simultaneously across all cluster units.

C.

VPN connections must be re-established when a new master unit is elected.

D.

Only established VPN connections are maintained when a new master unit is elected.

Full Access
Question # 31

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Full Access
Question # 32

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

Full Access
Question # 33

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

Full Access