• Home
  • Articles
  • Verified 300-710 Exam Dumps PDF [2021] Access using Pass4guide [Q11-Q36]

Verified 300-710 Exam Dumps PDF [2021] Access using Pass4guide [Q11-Q36]

Share

Verified 300-710 Exam Dumps PDF [2021] Access using Pass4guide

Try Best 300-710 Exam Questions from Training Expert Pass4guide

NEW QUESTION 11
Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?

  • A. configure high-availability disable
  • B. system support network-options
  • C. configure high-availability resume
  • D. configure high-availability suspend

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config- guide-v61/firepower_threat_defense_high_availability.html

 

NEW QUESTION 12
Which Cisco Firepower rule action displays an HTTP warning page?

  • A. Interactive Block
  • B. Monitor
  • C. Allow with Warning
  • D. Block

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System- UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698

 

NEW QUESTION 13
A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)

  • A. outbound port TCP/80
  • B. inbound port TCP/443
  • C. outbound port TCP/8080
  • D. outbound port TCP/443
  • E. inbound port TCP/80

Answer: A,D

Explanation:
Section: Management and Troubleshooting
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Security__Internet_Access__and_Communication_Ports.html

 

NEW QUESTION 14
What are the minimum requirements to deploy a managed device inline?

  • A. passive interface, MTU, and mode
  • B. inline interfaces, MTU, and mode
  • C. inline interfaces, security zones, MTU, and mode
  • D. passive interface, security zone, MTU, and mode

Answer: B

Explanation:
Section: Deployment
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config- guide-v65/ips_device_deployments_and_configuration.html

 

NEW QUESTION 15
An organization has implemented Cisco Firepower without IPS capabilities and now wants to enable inspection for their traffic. They need to be able to detect protocol anomalies and utilize the Snort rule sets to detect malicious behavior. How is this accomplished?

  • A. Modify the network discovery policy to detect new hosts to inspect.
  • B. Modify the access control policy to redirect interesting traffic to the engine.
  • C. Modify the intrusion policy to determine the minimum severity of an event to inspect.
  • D. Modify the network analysis policy to process the packets for inspection.

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/670/fdm/fptd-fdm-config-guide-670/fptd-fdmintrusion.
Html

 

NEW QUESTION 16
Within Cisco Firepower Management Center, where does a user add or modify widgets?

  • A. summary tool
  • B. dashboard
  • C. context explorer
  • D. reporting

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Using_Dashboards.html

 

NEW QUESTION 17
Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig?
(Choose two.)

  • A. BGP
  • B. OSPF
  • C. EIGRP
  • D. static routing
  • E. IS-IS

Answer: A,B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660/fptd- fdm-routing.html

 

NEW QUESTION 18
Within Cisco Firepower Management Center, where does a user add or modify widgets?

  • A. summary tool
  • B. dashboard
  • C. context explorer
  • D. reporting

Answer: B

Explanation:
Section: Management and Troubleshooting
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Using_Dashboards.html

 

NEW QUESTION 19
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

  • A. The units must be the same version
  • B. The units must be different models if they are part of the same series.
  • C. The units must be the same model.
  • D. Both devices can be part of a different group that must be in the same domain when configured within the FMC.
  • E. The units must be configured only for firewall routed mode.

Answer: A,C

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699- configure-ftd-high-availability-on-firep.html

 

NEW QUESTION 20
Which two deployment types support high availability? (Choose two.)

  • A. clustered
  • B. transparent
  • C. virtual appliance in public cloud
  • D. routed
  • E. intra-chassis multi-instance

Answer: B,D

 

NEW QUESTION 21
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

  • A. application whitelisting
  • B. exclusions
  • C. application blocking
  • D. file repository
  • E. simple custom detection

Answer: C,E

 

NEW QUESTION 22
A network administrator needs to create a policy on Cisco Firepower to fast-path traffic to avoid Layer 7 inspection. The rate at which traffic is inspected must be optimized. What must be done to achieve this goal?

  • A. Configure modular policy framework.
  • B. Configure a prefilter policy.
  • C. Disable TCP inspection.
  • D. Enable lhe FXOS for multi-instance.

Answer: B

 

NEW QUESTION 23
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

  • A. propagate link state
  • B. TAP mode
  • C. transparent inline mode
  • D. strict TCP enforcement

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

 

NEW QUESTION 24
Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?

  • A. configure high-availability disable
  • B. system support network-options
  • C. configure high-availability resume
  • D. configure high-availability suspend

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/firepower_threat_defense_high_availability.html

 

NEW QUESTION 25
What is a characteristic of bridge groups on a Cisco FTD?

  • A. In routed firewall mode, routing between bridge groups must pass through a routed interface.
  • B. Routing between bridge groups is achieved only with a router-on-a-stick configuration on a connected router
  • C. In transparent firewall mode, routing between bridge groups is supported
  • D. In routed firewall mode, routing between bridge groups is supported.

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/general/asa-97-general-config/intro-fw.pdf

 

NEW QUESTION 26
Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

  • A. SGT
  • B. IRB
  • C. BDI
  • D. FlexConfig

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/ Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html

 

NEW QUESTION 27
The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events. Which action should be configured to accomplish this task?

  • A. generate events
  • B. drop and generate
  • C. drop packet
  • D. drop connection

Answer: A

Explanation:
Section: Deployment
Explanation/Reference:
Reference" https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/working_with_intrusion_events.html

 

NEW QUESTION 28
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

Answer:

Explanation:

Explanation

Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/firepower_management_center_high_availability.html#id_32288

 

NEW QUESTION 29
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

  • A. ECMP with up to three equal cost paths across a single interface
  • B. BGPv4 in transparent firewall mode
  • C. ECMP with up to three equal cost paths across multiple interfaces
  • D. BGPv4 with nonstop forwarding
  • E. BGPv6

Answer: A,E

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/fpmc-config-guide-v60_chapter_01100011.html#ID-2101-0000000e

 

NEW QUESTION 30
A hospital network needs to upgrade their Cisco FMC managed devices and needs to ensure that a disaster recovery process is in place. What must be done in order to minimize downtime on the network?

  • A. Configure the Cisco FMCs for failover
  • B. Configure the Cisco FMC managed devices for clustering.
  • C. Keep a copy of the current configuration to use as backup
  • D. Configure a second circuit to an ISP for added redundancy

Answer: C

 

NEW QUESTION 31
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

  • A. Send a snapshot to Cisco for technical support.
  • B. Forward the result of the investigation to an external threat-analysis engine.
  • C. Add the malicious file to the block list.
  • D. Wait for Cisco Threat Response to automatically block the malware.

Answer: C

 

NEW QUESTION 32
A hospital network needs to upgrade their Cisco FMC managed devices and needs to ensure that a disaster recovery process is in place. What must be done in order to minimize downtime on the network?

  • A. Configure the Cisco FMC managed devices for clustering.
  • B. Configure a second circuit to an ISP for added redundancy
  • C. Configure the Cisco FMCs for failover
  • D. Keep a copy of the current configuration to use as backup

Answer: C

 

NEW QUESTION 33
In which two places can thresholding settings be configured? (Choose two.)

  • A. per preprocessor, within the network analysis policy
  • B. on each access control rule
  • C. globally, per intrusion policy
  • D. globally, within the network analysis policy
  • E. on each IPS rule

Answer: C,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa- firepower-module-user-guide-v541/Intrusion-Global-Threshold.pdf

 

NEW QUESTION 34
An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?

  • A. Use passive IDS ports for both departments
  • B. Use a dedicated IPS inline set for each department to maintain traffic separation
  • C. Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation
  • D. Use one pair of inline set in TAP mode for both departments

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

 

NEW QUESTION 35
An administrator is attempting to remotely log into a switch in the data centre using SSH and is unable to connect. How does the administrator confirm that traffic is reaching the firewall?

  • A. by performing a packet capture on the firewall.
  • B. by running a packet tracer on the firewall.
  • C. by attempting to access it from a different workstation.
  • D. by running Wireshark on the administrator's PC

Answer: A

 

NEW QUESTION 36
......


Domain #3. Troubleshooting and Management

What all it takes to administer Cisco solutions and resolve problems arising within them is covered in this domain. It accounts for 25% of the content all exclusively. The main topics of this section also cover handling FMC CLI and GUI related issues, FMC dashboard and reporting configuration, the use of packet capture procedures for troubleshooting, and analyzing risk & standard reports.

Latest 100% Passing Guarantee - Brilliant 300-710 Exam Questions PDF: https://www.pass4guide.com/300-710-exam-guide-torrent.html

Practice Examples and Dumps & Tips for 2021 Latest 300-710 Valid Tests Dumps: https://drive.google.com/open?id=1cGS5aFfRKl1HxnKf59QC8_2JyT3EP1S3

Related Articles

more
Cisco 300-710 Certification Practice Exam