300-710 Exam Questions
437 real 300-710 exam questions with expert-verified answers and explanations. Page 6 of 9.
- Question #253Configuration
An administrator is adding a QoS policy to a Cisco FTD deployment. When a new rule is added to the policy and QoS is applied on 'Interfaces in Destination Interface Objects", no in...
FTD QoSInterface ModesPolicy Configuration - Question #254Configuration
A Cisco FMC administrator wants to configure fastpathing of trusted network traffic to increase performance. In which type of policy would the administrator configure this feature?
FMC Prefilter policyTraffic optimizationFastpathingNetwork performance - Question #255Management and Troubleshooting
A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device External clients cannot access the web server via HTTPS The IP address configured on...
Packet CaptureNATTroubleshootingCisco FTD - Question #256Configuration
Remote users who connect via Cisco AnyConnect to the corporate network behind a Cisco FTD device report that they get no audio when calling between remote users using their softpho...
AnyConnect VPNFTD NATVPN HairpinningSoftphone Media - Question #257Configuration
An engineer must configure the firewall to monitor traffic within a single subnet without increasing the hop count of that traffic. How would the engineer achieve this?
Transparent ModeFirewall DeploymentTraffic MonitoringCisco Firepower Configuration - Question #258Configuration
Which action must be taken on the Cisco FMC when a packet bypass is configured in case the Snort engine is down or a packet takes too long to process?
Automatic Application BypassSnort enginePacket bypassCisco FMC - Question #259Configuration
An engineer is configuring multiple Cisco FTD appliances (or use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with inte...
Cisco FMCFTD Interface ConfigurationInterface GroupsMulti-device Management - Question #260Configuration
An engineer is creating an URL object on Cisco FMC How must it be configured so that the object will match for HTTPS traffic in an access control policy?
FMC URL ObjectsHTTPS InspectionSSL Certificate MatchingAccess Control Policy - Question #261Configuration
An engineer must configure a Cisco FMC dashboard in a multidomain deployment Which action must the engineer take to edit a report template from an ancestor domain?
Cisco FMCMultidomain deploymentReport templatesObject inheritance - Question #262Configuration
What must be implemented on Cisco Firepower to allow multiple logical devices on a single physical device to have access to external hosts?
VLAN SubinterfacesFirepower Multi-instanceNetwork Interface ConfigurationLogical Device Connectivity - Question #263Management and Troubleshooting
An administrator is configuring a transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port but the FTD is not processing the traffic What is...
Cisco FTDERSPANFTD ModesTraffic Monitoring - Question #264Configuration
A company is deploying intrusion protection on multiple Cisco FTD appliances managed by Cisco FMC. Which system-provided policy must be selected if speed and detection are prioriti...
Cisco FTDCisco FMCIntrusion PoliciesSecurity Policy Selection - Question #265Deployment
An organization is implementing Cisco FTD using transparent mode in the network. Which rule in the default Access Control Policy ensures that this deployment does not create a loop...
FTD Transparent ModeSTPLayer 2 FirewallNetwork Loop Prevention - Question #266Configuration
An organization is installing a new Cisco FTD appliance in the network. An engineer is tasked with configuring access between two network segments within the same IP subnet. Which...
Cisco FTDBridgingTransparent ModeBridge Virtual Interface - Question #267Configuration
When a Cisco FTD device is configured in transparent firewall mode, on which two interface types can an IP address be configured? (Choose two.)
FTD Transparent ModeInterface ConfigurationBVIDiagnostic Interface - Question #268Configuration
An administrator needs to configure Cisco FMC to send a notification email when a data transfer larger than 10 MB is initiated from an internal host outside of standard business ho...
Cisco FMCCorrelation PolicySecurity MonitoringAlerting - Question #269Deployment
A security engineer is adding three Cisco FTD devices to a Cisco FMC. Two of the devices have successfully registered to the Cisco FMC. The device that is unable to register is loc...
Cisco FTDCisco FMCDevice RegistrationNAT Configuration - Question #270Management and Troubleshooting
An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the...
Access Control PolicyApplication ControlTroubleshootingRule Matching - Question #271Management and Troubleshooting
A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD. The administrator has configured an access policy to allow traffic to this d...
IPsec VPNCisco FTDNATTroubleshooting - Question #272Configuration
An engineer is configuring two new Cisco FTD devices to replace the existing high availability firewall pair in a highly secure environment. The information exchanged between the F...
Cisco FTDHigh AvailabilityFailover LinkIPsec - Question #273Management and Troubleshooting
An engineer is troubleshooting HTTP traffic to a web server using the packet capture tool on Cisco FMC. When reviewing the captures, the engineer notices that there are a lot of pa...
Packet CaptureTroubleshootingCisco FTD/FMCTraffic Filtering - Question #274Configuration
A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database. Which a...
FMC Network DiscoveryPolicy ConfigurationDatabase PerformanceNAT/Load Balancer Exclusion - Question #275Configuration
An engineer is setting up a remote access VPN on a Cisco FTD device and wants to define which traffic gets sent over the VPN tunnel. Which named object type in Cisco FMC must be us...
Remote Access VPNCisco FTDCisco FMCAccess Lists for VPN Traffic - Question #276Management and Troubleshooting
Which process should be checked when troubleshooting registration issues between Cisco FMC and managed devices to verify that secure communication is occurring?
FMC-FTD CommunicationTroubleshootingsftunnelDevice Registration - Question #277Configuration
An engineer needs to configure remote storage on Cisco FMC. Configuration backups must be available from a secure location on the network for disaster recovery. Reports need to bac...
Remote StorageConfiguration BackupReportingSMB Protocol - Question #278Configuration
Which firewall design will allow it to forward traffic at layers 2 and 3 for the same subnet?
Integrated Routing and Bridging (IRB)Layer 2 ForwardingLayer 3 ForwardingFirewall Modes - Question #281Configuration
A security engineer must configure policies for a recently deployed Cisco FTD. The security policy for the company dictates that when five or more connections from external sources...
Cisco FTDCisco FMCCorrelation PolicySecurity Policies - Question #282Management and Troubleshooting
A network administrator is reviewing a weekly scheduled attacks risk report and notices a host that is flagged for an Impact 2 attack. Where should the administrator look within Ci...
Cisco FMCSecurity MonitoringThreat AnalysisCorrelation Events - Question #283Deployment
A consultant is working on a project where the customer is upgrading from a single Cisco Firepower 2130 managed by FDM to a pair of Cisco Firepower 2130s managed by FMC for high av...
FDM to FMC MigrationSecure Firewall Migration ToolFirepower ConfigurationHigh Availability Deployment - Question #284Configuration
A network administrator must create an EtherChannel interface on a new Cisco Firepower 9300 appliance registered with an FMC for high availability. Where must the administrator cre...
Firepower 9300EtherChannelFXOSInterface Configuration - Question #285Management and Troubleshooting
A network administrator is reviewing a monthly advanced malware risk report and notices a host that is listed as CnC Connected. Where must the administrator look within Cisco FMC t...
Cisco FMCMalware AnalysisCommand and Control (CnC)Host Compromise - Question #286Deployment
An engineer is configuring a Cisco FTD device to place on the Finance VLAN to provide additional protection for company financial data. The device must be deployed without requirin...
FTD Deployment ModesTransparent ModeDHCP TrafficAccess Control Policies - Question #287Configuration
Which default action setting in a Cisco FTD Access Control Policy allows all traffic from an undefined application to pass without Snort inspection?
Cisco FTDAccess Control PolicyDefault ActionSnort Inspection - Question #288Configuration
An engineer plans to reconfigure an existing Cisco FTD from transparent mode to routed mode. Which additional action must be taken to maintain communication between the two network...
FTD ModesRouted Mode ConfigurationNetwork SegmentationIP Addressing - Question #289Configuration
Network users are experiencing intermittent issues with internet access. An engineer identified that the issue is being caused by NAT exhaustion. How must the engineer change the d...
NAT ExhaustionDynamic NATPAT (Port Address Translation)Cisco Firewall Configuration - Question #290Configuration
An engineer is configuring a custom intrusion rule on Cisco FMC. The engineer needs the rule to search the payload or stream for the string "|44 78 97 13 2 0A|". Which keyword must...
Cisco FMCIntrusion RulesSnort Rule SyntaxPacket Content Inspection - Question #291Management and Troubleshooting
An engineer must investigate a connectivity issue from an endpoint behind a Cisco FTD device and a public DNS server. The endpoint cannot perform name resolution queries. Which act...
FTD TroubleshootingFMC Capture w/TraceSnort VerdictDNS Troubleshooting - Question #292Configuration
What is a limitation to consider when running a dynamic routing protocol on a Cisco FTD device in IRB mode?
Cisco FTDIRB ModeDynamic RoutingInterface Limitations - Question #293Integration
An engineer must integrate a third-party security intelligence feed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2.3 and has...
Threat Intelligence DirectorFMCThird-Party IntegrationREST API - Question #294Configuration
An engineer is configuring a custom application detector for HTTP traffic and wants to import a file that was provided by a third party. Which type of flies are advanced applicatio...
NBAR2Custom Application DetectionLUA ScriptsApplication Recognition - Question #295Configuration
Which action must be taken to configure an isolated bridge group for IRB mode on a Cisco Secure Firewall device?
IRBBridge GroupFirewall ConfigurationNetwork Isolation - Question #296Management and Troubleshooting
When an engineer captures traffic on a Cisco FTD to troubleshoot a connectivity problem, they receive a large amount of output data in the GUI tool. The engineer found that viewing...
Cisco FTDTraffic CapturePCAPTroubleshooting Tools - Question #297Deployment
An engineer must deploy a Cisco FTD device. Management wants to examine traffic without requiring network changes that will disrupt end users. Corporate security policy requires th...
Cisco FTD Deployment ModesTransparent ModeManagement InterfaceNetwork Segmentation - Question #298Management and Troubleshooting
A network administrator reviews the attack risk report and notices several low-impact attacks. What does this type of attack indicate?
Attack reportingVulnerability statusSecurity risk interpretation - Question #299Configuration
What is a limitation to consider when running a dynamic routing protocol on a Cisco Secure Firewall Threat Defense device in IRB mode?
FTD RoutingIRB ModeInterface Limitations - Question #300Configuration
An engineer is configuring URL filtering for a Cisco FTD device in Cisco FMC. Users must receive website if they choose to. No other websites should be blocked. Which two actions m...
URL FilteringCisco FTDCisco FMCAccess Control PolicyInteractive Block - Question #301Configuration
The security engineer reviews the syslog server events of an organization and sees many outbound connections to malicious sites initiated from hosts running Cisco Secure Endpoint....
Cisco Secure EndpointDevice Flow Correlation (DFC)Endpoint SecurityOutbound Connection Blocking - Question #302Management and Troubleshooting
An engineer has been tasked with performing an audit of network objects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat D...
Cisco Defense Orchestrator (CDO)Multi-Firewall ManagementNetwork Object AuditSecurity Policy Management - Question #303Deployment
A network engineer is deploying a pair of Cisco Secure Firewall Threat Defense devices managed by Cisco Secure Firewall Management Center for High Availability. Internet access is...
ISP FailoverRoute TrackingSLA MonitoringNetwork Redundancy - Question #304Deployment
A network engineer is planning on replacing an Active/Standby pair of physical Cisco Secure Firewall ASAs with a pair of Cisco Secure Firewall Threat Defense Virtual appliances. Wh...
Cisco FTD VirtualHigh AvailabilityVirtualization PlatformsPlatform Compatibility