300-740 Exam Questions

According to Cisco Security Reference Architecture, which solution provides threat intelligence and malware analytics?

Which types of algorithm does a web application firewall use for zero-day DDoS protection?

An administrator must deploy an endpoint posture policy for all users. The organization wants to have all endpoints checked against antimalware definitions and operating system upd...

Refer to the exhibit. An engineer must provide HTTPS access from the Google Cloud Platform virtual machine to the on-premises mail server. All other connections from the virtual ma...

Refer to the exhibit. A security engineer deployed Cisco Secure XDR, and during testing, the log entry shows a security incident. Which action must the engineer take first?

Refer to the exhibit. An engineer must create a policy in Cisco Secure Firewall Management Center to prevent restricted users from being able to browse any business or mobile phone...

Refer to the exhibit. An engineer must provide RDP access to the AWS virtual machines and HTTPS access to the Google Cloud Platform virtual machines. All other connectivity must be...

Refer to the exhibit. An engineer must connect an on-premises network to the public cloud using Cisco Umbrella as a Cloud Access Security Broker. The indicated configuration was ap...

Which mitigation technique does a web application firewall use to protect a web server against DDoS attacks?

Refer to the exhibit. An engineer is investigating an issue by using Cisco Secure Cloud Analytics. The engineer confirms that the connections are unauthorized and informs the incid...

In the zero-trust network access model, which criteria is used for continuous verification to modify trust levels?

Refer to the exhibit. An engineer must create a segmentation policy in Cisco Secure Workload to block HTTP traffic. The indicated configuration was applied; however, HTTP traffic i...

Refer to the exhibit. An engineer must analyze the Cisco Secure Cloud Analytics report. What is occurring?

Refer to the exhibit. An engineer must configure the Cisco ASA firewall to allow the client with IP indicated configuration was applied to the firewall and public DNS 4.4.4.4 is us...

Refer to the exhibit. An engineer must configure a remote access IPsec/IKEv1 VPN that will use AES256 and SHA256 on a Cisco ASA firewall. The indicated configuration was applied to...

Which method is used by a Cisco XDR solution to prioritize actions?

Refer to the exhibit. An engineer must configure a global allow list in Cisco Umbrella for the cisco.com domain. All other domains must be blocked. After creating a new policy and...

An administrator received an incident report indicating suspicious activity of a user using a corporate device. The manager requested that the credentials of user [email protected] b...

What helps prevent drive-by compromise?

Refer to the exhibit. An engineer must integrate Cisco Cloudlock with Salesforce in an organization. Despite the engineer's successful execution of the Salesforce integration with...

What must be automated to enhance the efficiency of a security team response?

Refer to the exhibit. An engineer must troubleshoot an issue with excessive SSH traffic leaving the internal network between the hours of 18:00 and 08:00. The engineer applies a po...

What does the MITRE ATT&CK framework catalog?

An organization is distributed across several sites. Each site is connected to the main HQ using site-to-site VPNs implemented using Secure Firewall Threat Defense. Which functiona...

Refer to the exhibit. An engineer is troubleshooting an incident by using Cisco Secure Cloud Analytics. What is the cause of the issue?

Refer to the exhibit. An engineer must configure VPN load balancing across two Cisco ASA. The indicated configuration was applied to each firewall; however, the load-balancing encr...

Refer to the exhibit. An engineer must block internal users from accessing Facebook and Facebook Apps. All other access must be allowed. The indicated policy was created in Cisco S...

What is a crucial component in the MITRE ATT&CK framework?

Refer to the exhibit. An engineer must create a firewall policy to allow web server communication only. The indicated firewall policy was applied; however, a recent audit requires...

Refer to the exhibit. An engineer must configure SAML SSO in Cisco ISE to use Microsoft Azure AD as an identity provider. These configurations were performed: - Configure a SAML Id...

Refer to the exhibit. An engineer is analyzing a Cisco Secure Firewall Management Center report. Which activity does the output verify?

Which concept is used in the Cisco SAFE key reference model?

A security analyst detects an employee endpoint making connections to a malicious IP on the internet and downloaded a file named Test0511127691C.pdf. The analyst discovers the mach...

Refer to the exhibit. An engineer must configure Duo SSO for Cisco Webex and add the Webex application to the Duo Access Gateway. Which two actions must be taken in Duo? (Choose tw...

Which common strategy should be used to mitigate directory traversal attacks in a cloud environment?

Which attack mitigation must be in place to prevent an attacker from authenticating to a service using a brute force attack?

What is associated with implementing Cisco zero-trust architecture?

An engineer configures trusted endpoints with Active Directory with Device Health to determine if an endpoint complies with the policy posture. After a week, an alert is received b...

Refer to the exhibit. An engineer must troubleshoot an incident by using Cisco Secure Cloud Analytics. What is the cause of the issue?

Refer to the exhibit. An engineer is investigating an unauthorized connection issue using Cisco Secure Cloud Analytics. Which two actions must be taken? (Choose two.)

Refer to the exhibit. An engineer is investigating the critical alert received in Cisco Secure Network Analytics. The engineer confirms that the incident is valid. Which two action...

An engineer is configuring multifactor authentication using Duo. The implementation must use Duo Authentication Proxy and the Active Directory as an identity source. The company us...

Refer to the exhibit. An engineer must configure a remote access IPsec/IKEv2 VPN that will use SHA- 512 on a Cisco ASA firewall. The indicated configuration was applied to the fire...

What does the Cisco Telemetry Broker provide for telemetry data?

Refer to the exhibit. An engineer must configure Cisco ASA so that the Secure Client deployment is removed when the user laptop disconnects from the VPN. The indicated configuratio...

Which SAFE component logically arranges the security capabilities into blueprints?

A recent InfraGard news release indicates the need to establish a risk ranking for all on-premises and cloud services. The ACME Corporation already performs risk assessments for on...

Refer to the exhibit. An engineer must enable access to Salesforce using Cisco Umbrella and Cisco Cloudlock. These actions were performed: From Salesforce, add the Cloudlock IP add...

Refer to the exhibit. An engineer must analyze a segmentation policy in Cisco Secure Workload. What is the result of applying the policy?

Refer to the exhibit. An engineer must implement a remote access VPN solution that provides user and device verification. The company uses Active Directory for user authentication...