300-710 Exam Questions
437 real 300-710 exam questions with expert-verified answers and explanations. Page 3 of 9.
- Question #102Deployment
A mid-sized company is experiencing higher network bandwidth utilization due to a recent acquisition. The network operations team is asked to scale up their one Cisco FTD appliance...
Cisco FTDFirewall ClusteringNetwork ScalingPerformance - Question #103Configuration
An organization has seen a lot of traffic congestion on their links going out to the internet There is a Cisco Firepower device that processes all of the traffic going to the inter...
QoSBandwidth ManagementTraffic PrioritizationCisco Firepower - Question #104Deployment
An engineer configures an access control rule that deploys file policy configurations to security zone or tunnel zones, and it causes the device to restart. What is the reason for...
Access Control PolicyFile PolicySecurity ZonesDevice Restart - Question #105Management and Troubleshooting
An engineer is attempting to create a new dashboard within the Cisco FMC to have a single view with widgets from many of the other dashboards. The goal is to have a mixture of thre...
FMC DashboardsSecurity MonitoringDevice HealthFirepower Management - Question #106Management and Troubleshooting
An organization is setting up two new Cisco FTD devices to replace their current firewalls and cannot have any network downtime. During the setup process, the synchronization betwe...
FTD High AvailabilityHA PrerequisitesSynchronization FailureTroubleshooting FTD - Question #107Deployment
There is an increased amount of traffic on the network and for compliance reasons, management needs visibility into the encrypted traffic. What is a result of enabling TLS'SSL decr...
TLS/SSL DecryptionCertificate ManagementCorporate CANetwork Visibility - Question #108Configuration
An organization wants to secure traffic from their branch office to the headquarter building using Cisco Firepower devices, They want to ensure that their Cisco Firepower devices a...
Firepower Access Control PolicyVPN Traffic HandlingTraffic Inspection BypassResource Optimization - Question #109Configuration
A network administrator is seeing an unknown verdict for a file detected by Cisco FTD. Which malware policy configuration option must be selected in order to further analyse the fi...
Cisco FTDMalware PolicyDynamic AnalysisThreat Grid - Question #110Configuration
An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a cop...
FMC High AvailabilityDisaster RecoveryPolicy SynchronizationNetwork Security Management - Question #111Deployment
An engineer is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of ACME001 and a password of Cisco388267669. Which command set must be used in orde...
FTD RegistrationFMCNATCLI Commands - Question #112Configuration
Refer to the exhibit. An organization has an access control rule with the intention of sending all social media traffic for inspection. After using the rule for some time, the admi...
Access Control PolicyFirepower Rule ActionsTraffic InspectionNetwork Security Configuration - Question #113Configuration
A user within an organization opened a malicious file on a workstation which in turn caused a ransomware attack on the network. What should be configured within the Cisco FMC to en...
Cisco FMCMalware AnalysisSandboxingDynamic Analysis - Question #114Management and Troubleshooting
An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco...
FMC Network DiscoveryEvent ManagementPolicy OptimizationNAT Device Exclusion - Question #115Management and Troubleshooting
administrator is configuring SNORT inspection policies and is seeing failed deployment messages in Cisco FMC. What information should the administrator generate for Cisco TAC to he...
FMC TroubleshootingDeployment FailuresDiagnostic FilesSNORT Policies - Question #117Management and Troubleshooting
A network engineer is receiving reports of users randomly getting disconnected from their corporate applications which traverses the data center FTD appliance Network monitoring to...
FTD TroubleshootingPacket CaptureNetwork Performance - Question #118Management and Troubleshooting
IT management is asking the network engineer to provide high-level summary statistics of the Cisco FTD appliance in the network. The business is approaching a peak season so the ne...
FTD ReportingNetwork MonitoringPerformance StatisticsCisco FMC - Question #119Management and Troubleshooting
Refer to the exhibit. An administrator is looking at some of the reporting capabilities for Cisco Firepower and noticed this section of the Network Risk report showing a lot of SSL...
Cisco FirepowerSSL decryptionThreat mitigationNetwork security - Question #120Configuration
An administrator is setting up Cisco Firepower to send data to the Cisco Stealthwatch appliances. The NetFlow_Set_Parameters object is already created, but NetFlow is not being sen...
Cisco FirepowerNetFlowSecurity MonitoringConfiguration - Question #121Configuration
With a recent summer time change, system logs are showing activity that occurred to be an hour behind real time. Which action should be taken to resolve this issue?
NTPTime SynchronizationDaylight Saving TimeSystem Clock - Question #122Configuration
A network administrator notices that SI events are not being updated The Cisco FTD device is unable to load all of the SI event entries and traffic is not being blocked as expected...
Security IntelligenceFirepower FTDResource AllocationTroubleshooting - Question #123Configuration
Refer to the exhibit. What must be done to fix access to this website while preventing the same communication to all other websites?
Access Control PolicyFirewall RulesWeb TrafficPort 80 - Question #124Configuration
A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisc FMC generated an alert for the malware event, however the user stil...
Cisco FMCAMP for NetworksFile PolicySecurity Enforcement - Question #125Configuration
Which feature within the Cisco FMC web interface allows for detecting, analyzing and blocking malware in network traffic?
Cisco FMCAdvanced Malware Protection (AMP)Network Traffic SecurityMalware Detection - Question #126Integration
Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?
Cisco ISE LicensingpxGrid IntegrationCisco FMCSecurity Integrations - Question #127Integration
A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detection Which action should be taken to accomplish this goal?
Threat Intelligence DirectorSTIX/TAXIIThreat FeedsCisco FMC - Question #128Deployment
What is a feature of Cisco AMP private cloud?
Cisco AMPPrivate CloudDeployment ArchitectureNetwork Connectivity - Question #129Configuration
An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this f...
Cisco FMCMalware ProtectionFile InspectionFireAMP Cloud - Question #130Configuration
An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown use...
Cisco FTDCisco ISEAccess Control PolicyIdentity-based Access Control - Question #131Management and Troubleshooting
An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin BACKUP_Cisc3946023...
Cisco FTDConfiguration RestoreBackup File FormatTroubleshooting FTD - Question #132Configuration
A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this th...
Cisco AMP for EndpointsEndpoint SecurityThreat MitigationCustom Detections - Question #133Deployment
A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic...
Firepower deploymentTransparent modeIntrusion DetectionBridge group - Question #134Deployment
An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity. When traffic is received by the Cisco IRS, if it is not dropped, how does t...
IPS Inline ModeTraffic ForwardingNetwork SecurityCisco Firepower - Question #135Configuration
A network administrator is concerned about the high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address th...
File PolicyAccess Control Policy (ACP)Malware ProtectionCisco FMC - Question #136Management and Troubleshooting
An engineer is investigating connectivity problems on Cisco Firepower that is using service group tags. Specific devices are not being tagged correctly, which is preventing clients...
Firepower troubleshootingPacket capturePolicy enforcementService group tags - Question #137Management and Troubleshooting
A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that tr...
Firepower TroubleshootingPacket TracerNATConnectivity Diagnostics - Question #138Integration
An organization must be able to ingest NetFlow traffic from their Cisco FTD device to Cisco Stealthwatch for behavioral analysis. What must be configured on the Cisco FTD to meet t...
NetFlowCisco FTDCisco StealthwatchFlexConfig - Question #139Deployment
An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied...
Firewall deployment modesRouted modeDMZ configurationNetwork segmentation - Question #140Configuration
An engineer must build redundancy into the network and traffic must continuously flow if a redundant switch in front of the firewall goes down. What must be configured to accomplis...
vPCEtherChannelFirewall ClusteringNetwork Redundancy - Question #141Integration
What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?
Firepower IntegrationCloud SecurityEvent ForwardingSecurity Services Exchange - Question #142Management and Troubleshooting
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffi...
NAT ExemptionRemote Access VPNFirewall ConfigurationTroubleshooting - Question #143Deployment
An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently. How must the...
High AvailabilityActive/PassiveCisco FirepowerNetwork Topology - Question #144Deployment
When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network. It is currently configured to have more th...
Firepower DeploymentASA Firepower ModuleInline Tap ModeTraffic Monitoring - Question #145Management and Troubleshooting
A network administrator notices that inspection has been interrupted on all non-managed interfaces of a device. What is the cause of this?
MTU ConfigurationInterface ManagementTraffic InspectionTroubleshooting - Question #146Configuration
An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?
Interface ObjectsNetwork SegmentationCisco FirepowerConfiguration Constraints - Question #147Deployment
Which two conditions must be met to enable high availability between two Cisco FTD devices? (Choose two.)
High Availability (HA)Cisco FTDPrerequisitesDevice Configuration - Question #148Management and Troubleshooting
A network administrator is configuring Snort inspection policies and is seeing failed deployment messages in Cisco FMC. What information should the administrator generate for Cisco...
FMC TroubleshootingDeployment FailureSnort PolicyTAC Logs - Question #149Configuration
An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet th...
Cisco FMCAccess Control PolicyIPS PolicyLogging - Question #150Configuration
A network administrator needs to create a policy on Cisco Firepower to fast-path traffic to avoid Layer 7 inspection. The rate at which traffic is inspected must be optimized. What...
Cisco FirepowerPrefilter PolicyTraffic OptimizationLayer 7 Inspection - Question #151Configuration
A network engineer is tasked with minimising traffic interruption during peak traffic limes. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate t...
SNORT EngineAutomatic Application Bypass (AAB)Traffic ManagementFirepower Performance - Question #152Management and Troubleshooting
A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS res...
FTDSnort IPSDNS TroubleshootingIntrusion Policy