300-710 Exam Questions
437 real 300-710 exam questions with expert-verified answers and explanations. Page 4 of 9.
- Question #153Deployment
An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouri...
FTD Firewall ModesTransparent FirewallLayer 2 ProtocolsCDP Multicast - Question #154Configuration
An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown use...
Cisco FTDAccess Control PolicyIdentity-based AccessTraffic Blocking - Question #155Configuration
Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each depart...
Multi-instance FirewallsHigh AvailabilityTraffic SegmentationSecurity Contexts - Question #156Deployment
An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flo...
IPS deployment modesSecurity policy testingNetwork intrusion preventionCisco IPS - Question #157Management and Troubleshooting
A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?
Cisco FTDHigh AvailabilityDevice ReplacementCisco FMC - Question #158Configuration
An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Whi...
Cisco FTDPrefilter PolicyPerformance OptimizationTraffic Inspection Bypass - Question #159Configuration
A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not blo...
Cisco FTDCisco FMCIntrusion PoliciesIDS vs IPS - Question #160Deployment
An engineer is using the configure manager add <FMC IP> Cisc404225383 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why is this oc...
FTD RegistrationFMC ManagementNAT ConfigurationCLI Troubleshooting - Question #161Configuration
An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching betw...
FMC ConfigurationFTD Network ModesLayer 2 BridgingIntegrated Routing and Bridging - Question #162Configuration
An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedu...
FirepowerAccess Control PolicyCustom Block PageHTTP Traffic Blocking - Question #163Configuration
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned...
FTD loggingFMC performanceSIEM integrationLog management - Question #164Configuration
An administrator must use Cisco FMC to install a backup route within the Cisco FTD to route traffic in case of a routing failure with primary route. Which action accomplish this ta...
RoutingRoute TrackingFailoverCisco FTD/FMC - Question #165Configuration
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://<FMC IP>/capture/CAPI/...
Cisco FMCCisco FTDPacket CaptureHTTPS Configuration - Question #166Management and Troubleshooting
An analyst is investigating a potentially compromised endpoint within the network and pulls a host report for the endpoint in question to collect metrics and documentation. What in...
Endpoint investigationHost reportsIncident responseSecurity monitoring - Question #167Management and Troubleshooting
An engineer must investigate a connectivity issue and decides to use the packet capture feature on Cisco FTD. The goal is to see the real packet going through the Cisco FTD device...
Packet CaptureCisco FTD TroubleshootingSnortCLI Commands - Question #168Configuration
An analyst using the security analyst account permissions is trying to view the Correlations Events Widget but is not able to access it. However, other dashboards are accessible. W...
Cisco FMCDashboard ConfigurationWidget ManagementTroubleshooting - Question #169Management and Troubleshooting
An engineer is troubleshooting connectivity to the DNS servers from hosts behind a new Cisco FTD device. The hosts cannot send DNS queries to servers in the DMZ. Which action shoul...
FTD TroubleshootingPacket CaptureDNS ConnectivityAccess Control - Question #170Management and Troubleshooting
An engineer must configure a Cisco FMC dashboard in a child domain. Which action must be taken so that the dashboard is visible to the parent domain?
FMCMulti-domain ManagementDashboardsDomain Scoping - Question #171Integration
An engineer integrates Cisco FMC and Cisco ISE using pxGrid. Which role is assigned for Cisco FMC?
Cisco FMCCisco ISEpxGridIntegration roles - Question #172Deployment
A company wants a solution to aggregate the capacity of two Cisco FTD devices to make the best use of resources such as bandwidth and connections per second. Which order of steps m...
FTD ClusteringFMC ManagementHigh AvailabilityNetwork Scalability - Question #173Configuration
The administrator notices that there is malware present with an .exe extension and needs to verify if any of the systems on the network are running the executable file. What must b...
Cisco AMP for EndpointsMalware detectionFile prevalenceEndpoint security monitoring - Question #174Configuration
An engineer must define a URL object on Cisco FMC. What is the correct method to specify the URL without performing SSL inspection?
Cisco FMCURL FilteringSSL InspectionFirepower Threat Defense - Question #175Management and Troubleshooting
An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-to-peer applications are being used on the network and they must identify which poses the gre...
Cisco FMCNetwork RiskSecurity ReportingPeer-to-Peer Applications - Question #176Configuration
An administrator is adding a new URL-based category feed to the Cisco FMC for use within the policies. The intelligence source does not use STIX. but instead uses a .txt file forma...
Cisco FMCThreat IntelligenceFeed ConfigurationFlat File Format - Question #177Configuration
A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?
Firepower File AnalysisSpero EngineAMP DispositionFile Policy - Question #178Deployment
An administrator configures the interfaces of a Cisco Secure Firewall Threat Defence device in an inline IPS deployment. The administrator completes these actions: - identifies the...
Cisco FTDInline IPSInterface ConfigurationInline Set - Question #179Management and Troubleshooting
An engineer is reviewing a ticket that requests to allow traffic for some devices that must connect to a server over 8699/udp. The request mentions only one IP address, 172.16.18.1...
TroubleshootingNetwork traffic analysisFirewall loggingUDP/TCP ports - Question #180Configuration
A security engineer is configuring a remote Cisco FTD that has limited resources and internet bandwidth. Which malware action and protection option should be configured to reduce t...
Cisco FTD MalwareLocal Malware AnalysisBandwidth OptimizationCloud Lookup Reduction - Question #181Management and Troubleshooting
An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filte...
Access Control PolicyTroubleshootingCisco FMCConnection Events - Question #182Configuration
Refer to the exhibit. An engineer is modifying an access control policy to add a rule to inspect all DNS traffic that passes through the firewall. After making the change and deplo...
Access Control PolicyThreat InspectionCisco FTDSnort Engine - Question #183Deployment
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to suppor...
Cisco FTDFirewall ModesBVIInterface Configuration - Question #184Integration
While integrating Cisco Umbrella with Cisco Threat Response, a network security engineer wants to automatically push blocking of domains from the Cisco Threat Response interface to...
Cisco Umbrella APICisco Threat Response APISecurity EnforcementAPI Integration - Question #185Deployment
An engineer wants to connect a single IP subnet through a Cisco FTD firewall and enforce policy. There is a requirement to present the internal IP subnet to the outside as a differ...
Cisco FTDNATRouted ModeFirewall Deployment - Question #186Integration
Upon detecting a flagrant threat on an endpoint, which two technologies instruct Cisco Identity Services Engine to contain the infected endpoint either manually or automatically? (...
ISE IntegrationThreat ContainmentEndpoint SecurityNetwork Security Analytics - Question #187Deployment
An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is l...
FTD Virtual InstancesASA Multicontext MigrationLogical Separation - Question #188Configuration
A network administrator configured a NAT policy that translates a public IP address to an internal web server IP address. An access policy has also been created that allows any sou...
NATAccess Control ListFirewall RulesTraffic Flow - Question #189Configuration
An engineer must configure a Cisco FMC dashboard in a child domain. Which action must be taken so that the dashboard is visible to the parent domain?
Cisco FMCMulti-domain ManagementDashboardsSecurity Management - Question #190Management and Troubleshooting
An engineer runs the command restore remote-manager-backup location 2.2.2.2 admin /Volume/home/admin FTD408566513.zip on a Cisco FMC. After connecting to the repository, the Cisco...
Firepower Management Center (FMC)Firepower Threat Defense (FTD)Backup and RestoreFile Formats - Question #191Management and Troubleshooting
A security engineer found a suspicious file from an employee email address and is trying to upload it for analysis, however the upload is failing. The last registration status is s...
Cisco AMPThreat GridTroubleshootingLicensing Limits - Question #192Configuration
An engineer is configuring Cisco FMC and wants to limit the time allowed for processing packets through the interface. However if the time is exceeded the configuration must allow...
Cisco FMCAutomatic Application BypassFirepower Threat DefensePerformance Tuning - Question #193Management and Troubleshooting
An engineer is working on a LAN switch and has noticed that its network connection to the mime Cisco IPS has gone down. Upon troubleshooting it is determined that the switch is wor...
Cisco IPSInline DeploymentLink-state PropagationNetwork Troubleshooting - Question #194Configuration
Refer to the exhibit. An engineer is modifying an access control pokey to add a rule to inspect all DNS traffic that passes through the firewall. After making the change and deploy...
Access Control PolicySnort InspectionFirewall PoliciesTraffic Inspection - Question #195Management and Troubleshooting
What is the role of the casebook feature in Cisco Threat Response?
Cisco Threat ResponseCasebookThreat AnalysisCollaboration - Question #196Management and Troubleshooting
A network engineer sets up a secondary Cisco FMC that is integrated with Cisco Security Packet Analyzer. What occurs when the secondary Cisco FMC synchronizes with the primary Cisc...
Cisco FMC High AvailabilityFMC SynchronizationConfiguration ReplicationCisco Security Packet Analyzer Integration - Question #197Configuration
An engineer wants to change an existing transparent Cisco FTD to routed mode. The device controls traffic between two network segments. Which action is mandatory to allow hosts to...
FTD ModesRouted ModeTransparent ModeIP Subnetting - Question #198Configuration
An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the Internet. Which configura...
Cisco FTDTransparent ModeNetwork BridgingBVI Configuration - Question #199Deployment
A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unw...
IPS deployment modesTraffic baseliningNetwork monitoringCisco IPS - Question #200Configuration
A network administrator is implementing an active/passive high availability Cisco FTD pair. When adding the high availability pair, the administrator cannot select the secondary pe...
Cisco FTDHigh AvailabilityFailoverConfiguration Prerequisites - Question #201Deployment
An administrator is configuring their transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port, but the Cisco FTD is not processing the traff...
Cisco FTDERSPANTransparent ModeRouted Mode - Question #202Deployment
What is an advantage of adding multiple inline interface pairs to the same inline interface set when deploying an asynchronous routing configuration?
Inline ModeInterface ConfigurationAsynchronous RoutingTraffic Flow Correlation