New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

300-710 Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Questions 4

A network administrator configured a NAT policy that translates a public IP address to an internal web server IP address. An access policy has also been created that allows any source to reach the public IP address on port 80. The web server is still not reachable from the Internet on port 80. Which configuration change is needed?

Options:

A.

The intrusion policy must be disabled for port 80.

B.

The access policy rule must be configured for the action trust.

C.

The NAT policy must be modified to translate the source IP address as well as destination IP address.

D.

The access policy must allow traffic to the internal web server IP address.

Buy Now
Questions 5

A security engineer is adding three Cisco FTD devices to a Cisco FMC. Two of the devices have successfully registered to the Cisco FMC. The device that is unable to register is located behind a router that translates all outbound traffic to the router's WAN IP address. Which two steps are required for this device to register to the Cisco FMC? (Choose two.)

Options:

A.

Reconfigure the Cisco FMC lo use the device's private IP address instead of the WAN address.

B.

Configure a NAT ID on both the Cisco FMC and the device.

C.

Add the port number being used for PAT on the router to the device's IP address in the Cisco FMC.

D.

Reconfigure the Cisco FMC to use the device's hostname instead of IP address.

E.

Remove the IP address defined for the device in the Cisco FMC.

Buy Now
Questions 6

An organization has a compliancy requirement to protect servers from clients, however, the clients and servers all reside on the same Layer 3 network Without readdressing IP subnets for clients or servers, how is segmentation achieved?

Options:

A.

Deploy a firewall in transparent mode between the clients and servers.

B.

Change the IP addresses of the clients, while remaining on the same subnet.

C.

Deploy a firewall in routed mode between the clients and servers

D.

Change the IP addresses of the servers, while remaining on the same subnet

Buy Now
Questions 7

administrator is configuring SNORT inspection policies and is seeing failed deployment messages in Cisco FMC . What information should the administrator generate for Cisco TAC to help troubleshoot?

Options:

A.

A Troubleshoot" file for the device in question.

B.

A "show tech" file for the device in question

C.

A "show tech" for the Cisco FMC.

D.

A "troubleshoot" file for the Cisco FMC

Buy Now
Questions 8

Refer to the exhibit An engineer is modifying an access control pokey to add a rule to inspect all DNS traffic that passes through the firewall After making the change and deploying the pokey they see that DNS traffic is not bang inspected by the Snort engine What is the problem?

Options:

A.

The rule must specify the security zone that originates the traffic

B.

The rule must define the source network for inspection as well as the port

C.

The action of the rule is set to trust instead of allow.

D.

The rule is configured with the wrong setting for the source port

Buy Now
Questions 9

What must be implemented on Cisco Firepower to allow multiple logical devices on a single physical device to have access to external hosts?

Options:

A.

Add at least two container instances from the same module.

B.

Set up a cluster control link between all logical devices

C.

Add one shared management interface on all logical devices.

D.

Define VLAN subinterfaces for each logical device.

Buy Now
Questions 10

An engineer is implementing Cisco FTD in the network and is determining which Firepower mode to use. The organization needs to have multiple virtual Firepower devices working separately inside of the FTD appliance to provide traffic segmentation Which deployment mode should be configured in the Cisco Firepower Management Console to support these requirements?

Options:

A.

multiple deployment

B.

single-context

C.

single deployment

D.

multi-instance

Buy Now
Questions 11

A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet How is this accomplished on an FTD device in routed mode?

Options:

A.

by leveraging the ARP to direct traffic through the firewall

B.

by assigning an inline set interface

C.

by using a BVI and create a BVI IP address in the same subnet as the user segment

D.

by bypassing protocol inspection by leveraging pre-filter rules

Questions 12

Which interface type allows packets to be dropped?

Options:

A.

passive

B.

inline

C.

ERSPAN

D.

TAP

Buy Now
Questions 13

Remote users who connect via Cisco AnyConnect to the corporate network behind a Cisco FTD device report that they get no audio when calling between remote users using their softphones. These same users can call internal users on the corporate network without any issues. What is the cause of this issue?

Options:

A.

The hairpinning feature is not available on FTD.

B.

Split tunneling is enabled for the Remote Access VPN on FTD

C.

FTD has no NAT policy that allows outside to outside communication

D.

The Enable Spoke to Spoke Connectivity through Hub option is not selected on FTD.

Buy Now
Questions 14

When a Cisco FTD device is configured in transparent firewall mode, on which two interface types can an IP address be configured? (Choose two.)

Options:

A.

Diagnostic

B.

EtherChannel

C.

BVI

D.

Physical

E.

Subinterface

Buy Now
Questions 15

A network administrator is configuring Snort inspection policies and is seeing failed deployment messages in Cisco FMC. What information should the administrator generate for Cisco TAC to help troubleshoot?

Options:

A.

A "show tech" file for the device in question.

B.

A "troubleshoot" file for the device in question.

C.

A "troubleshoot" file for the Cisco FMC.

D.

A "show tech" for the Cisco FMC.

Buy Now
Questions 16

An engineer attempts to pull the configuration for a Cisco FTD sensor to review with Cisco TAC but does not have direct access to the CU for the device. The CLl for the device is managed by Cisco FMC to which the engineer has access. Which action in Cisco FMC grants access to the CLl for the device?

Options:

A.

Export the configuration using the Import/Export tool within Cisco FMC.

B.

Create a backup of the configuration within the Cisco FMC.

C.

Use the show run all command in the Cisco FTD CLI feature within Cisco FMC.

D.

Download the configuration file within the File Download section of Cisco FMC.

Buy Now
Questions 17

An analyst is investigating a potentially compromised endpoint within the network and pulls a host report for the endpoint in question to collect metrics and documentation. What information should be taken from this report for the investigation?

Options:

A.

client applications by user, web applications, and user connections

B.

number of attacked machines, sources of the attack, and traffic patterns

C.

intrusion events, host connections, and user sessions

D.

threat detections over time and application protocols transferring malware

Buy Now
Questions 18

What is the role of the casebook feature in Cisco Threat Response?

Options:

A.

sharing threat analysts

B.

pulling data via the browser extension

C.

triage automaton with alerting

D.

alert prioritization

Buy Now
Questions 19

An organization wants to secure traffic from their branch office to the headquarter building using Cisco Firepower devices, They want to ensure that their Cisco Firepower devices are not wasting resources on inspecting the VPN traffic. What must be done to meet these requirements?

Options:

A.

Configure the Cisco Firepower devices to ignore the VPN traffic using prefilter policies

B.

Enable a flexconfig policy to re-classify VPN traffic so that it no longer appears as interesting traffic

C.

Configure the Cisco Firepower devices to bypass the access control policies for VPN traffic.

D.

Tune the intrusion policies in order to allow the VPN traffic through without inspection

Buy Now
Questions 20

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?

Options:

A.

The interfaces are being used for NAT for multiple networks.

B.

The administrator is adding interfaces of multiple types.

C.

The administrator is adding an interface that is in multiple zones.

D.

The interfaces belong to multiple interface groups.

Buy Now
Questions 21

Which two actions can be used in an access control policy rule? (Choose two.)

Options:

A.

Block with Reset

B.

Monitor

C.

Analyze

D.

Discover

E.

Block ALL

Buy Now
Questions 22

A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?

Options:

A.

The malware license has not been applied to the Cisco FTD.

B.

The Cisco FMC cannot reach the Internet to analyze files.

C.

A file policy has not been applied to the access policy.

D.

Only Spero file analysis is enabled.

Buy Now
Questions 23

An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment. What must be done to resolve this issue?

Options:

A.

Create a firewall rule to allow CDP traffic.

B.

Create a bridge group with the firewall interfaces.

C.

Change the firewall mode to transparent.

D.

Change the firewall mode to routed.

Buy Now
Questions 24

When creating a report template, how can the results be limited to show only the activity of a specific subnet?

Options:

A.

Create a custom search in Firepower Management Center and select it in each section of the report.

B.

Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.

C.

Add a Table View section to the report with the Search field defined as the network in CIDR format.

D.

Select IP Address as the X-Axis in each section of the report.

Buy Now
Questions 25

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

Options:

A.

FlexConfig

B.

BDI

C.

SGT

D.

IRB

Buy Now
Questions 26

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

Options:

A.

VPN connections can be re-established only if the failed master unit recovers.

B.

Smart License is required to maintain VPN connections simultaneously across all cluster units.

C.

VPN connections must be re-established when a new master unit is elected.

D.

Only established VPN connections are maintained when a new master unit is elected.

Buy Now
Questions 27

Which Cisco Firepower rule action displays an HTTP warning page?

Options:

A.

Monitor

B.

Block

C.

Interactive Block

D.

Allow with Warning

Buy Now
Questions 28

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Options:

A.

configure manager local 10.0.0.10 Cisco123

B.

configure manager add Cisco123 10.0.0.10

C.

configure manager local Cisco123 10.0.0.10

D.

configure manager add 10.0.0.10 Cisco123

Buy Now
Questions 29

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

Options:

A.

pxGrid

B.

FTD RTC

C.

FMC RTC

D.

ISEGrid

Buy Now
Questions 30

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

Options:

A.

dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.

B.

reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

C.

network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

D.

network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

E.

reputation-based objects, such as URL categories

Buy Now
Questions 31

What is a valid Cisco AMP file disposition?

Options:

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Buy Now
Questions 32

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

Options:

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Buy Now
Questions 33

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

Options:

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Buy Now
Questions 34

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

Options:

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

Buy Now
Questions 35

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

Options:

A.

dynamic null route configured

B.

DHCP pool disablement

C.

quarantine

D.

port shutdown

E.

host shutdown

Buy Now
Questions 36

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

Options:

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

Buy Now
Questions 37

A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?

Options:

A.

active/active failover

B.

transparent

C.

routed

D.

high availability clustering

Buy Now
Questions 38

An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently. How must the devices be implemented in this environment?

Options:

A.

in active/active mode

B.

in a cluster span EtherChannel

C.

in active/passive mode

D.

in cluster interface mode

Buy Now
Questions 39

An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?

Options:

A.

Deploy the firewall in transparent mode with access control policies.

B.

Deploy the firewall in routed mode with access control policies.

C.

Deploy the firewall in routed mode with NAT configured.

D.

Deploy the firewall in transparent mode with NAT configured.

Buy Now
Questions 40

Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?

Options:

A.

a default DMZ policy for which only a user can change the IP addresses.

B.

deny ip any

C.

no policy rule is included

D.

permit ip any

Buy Now
Questions 41

Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)

Options:

A.

EIGRP

B.

OSPF

C.

static routing

D.

IS-IS

E.

BGP

Buy Now
Questions 42

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

Options:

A.

The units must be the same version

B.

Both devices can be part of a different group that must be in the same domain when configured within the FMC.

C.

The units must be different models if they are part of the same series.

D.

The units must be configured only for firewall routed mode.

E.

The units must be the same model.

Buy Now
Questions 43

What are two application layer preprocessors? (Choose two.)

Options:

A.

CIFS

B.

IMAP

C.

SSL

D.

DNP3

E.

ICMP

Buy Now
Questions 44

A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire How should this be implemented?

Options:

A.

Specify the BVl IP address as the default gateway for connected devices.

B.

Enable routing on the Cisco Firepower

C.

Add an IP address to the physical Cisco Firepower interfaces.

D.

Configure a bridge group in transparent mode.

Buy Now
Questions 45

An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?

Options:

A.

Add a native instance to distribute traffic to each Cisco FTD context.

B.

Add the Cisco FTD device to the Cisco ASA port channels.

C.

Configure a container instance in the Cisco FTD for each context in the Cisco ASA.

D.

Configure the Cisco FTD to use port channels spanning multiple networks.

Buy Now
Questions 46

Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?

Options:

A.

span EtherChannel clustering

B.

redundant interfaces

C.

high availability active/standby firewalls

D.

multi-instance firewalls

Buy Now
Questions 47

What is the difference between inline and inline tap on Cisco Firepower?

Options:

A.

Inline tap mode can send a copy of the traffic to another device.

B.

Inline tap mode does full packet capture.

C.

Inline mode cannot do SSL decryption.

D.

Inline mode can drop malicious traffic.

Buy Now
Questions 48

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

Options:

A.

Redundant Interface

B.

EtherChannel

C.

Speed

D.

Media Type

E.

Duplex

Questions 49

What are the minimum requirements to deploy a managed device inline?

Options:

A.

inline interfaces, security zones, MTU, and mode

B.

passive interface, MTU, and mode

C.

inline interfaces, MTU, and mode

D.

passive interface, security zone, MTU, and mode

Buy Now
Questions 50

What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

Options:

A.

1024

B.

8192

C.

4096

D.

2048

Buy Now
Questions 51

Which report template field format is available in Cisco FMC?

Options:

A.

box lever chart

B.

arrow chart

C.

bar chart

D.

benchmark chart

Buy Now
Questions 52

Which action should be taken after editing an object that is used inside an access control policy?

Options:

A.

Delete the existing object in use.

B.

Refresh the Cisco FMC GUI for the access control policy.

C.

Redeploy the updated configuration.

D.

Create another rule using a different object name.

Buy Now
Questions 53

Within Cisco Firepower Management Center, where does a user add or modify widgets?

Options:

A.

dashboard

B.

reporting

C.

context explorer

D.

summary tool

Buy Now
Questions 54

Which group within Cisco does the Threat Response team use for threat analysis and research?

Options:

A.

Cisco Deep Analytics

B.

OpenDNS Group

C.

Cisco Network Response

D.

Cisco Talos

Buy Now
Questions 55

After deploying a network-monitoring tool to manage and monitor networking devices in your organization, you realize that you need to manually upload an MIB for the Cisco FMC. In which folder should you upload the MIB file?

Options:

A.

/etc/sf/DCMIB.ALERT

B.

/sf/etc/DCEALERT.MIB

C.

/etc/sf/DCEALERT.MIB

D.

system/etc/DCEALERT.MIB

Buy Now
Questions 56

Which command-line mode is supported from the Cisco Firepower Management Center CLI?

Options:

A.

privileged

B.

user

C.

configuration

D.

admin

Buy Now
Questions 57

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

Options:

A.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re- apply the policies after registration is completed.

B.

Before re-adding the device in Cisco FMC, you must add the manager back in the device.

C.

No option to delete and re-add a device is available in the Cisco FMC web interface.

D.

The Cisco FMC web interface prompts users to re-apply access control policies.

E.

No option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Buy Now
Questions 58

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

Options:

A.

configure coredump packet-engine enable

B.

capture-traffic

C.

capture

D.

capture WORD

Buy Now
Questions 59

Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

Options:

Buy Now
Questions 60

Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

Options:

A.

system generate-troubleshoot

B.

show configuration session

C.

show managers

D.

show running-config | include manager

Buy Now
Questions 61

Which CLI command is used to control special handling of ClientHello messages?

Options:

A.

system support ssl-client-hello-tuning

B.

system support ssl-client-hello-display

C.

system support ssl-client-hello-force-reset

D.

system support ssl-client-hello-enabled

Buy Now
Questions 62

When do you need the file-size command option during troubleshooting with packet capture?

Options:

A.

when capture packets are less than 16 MB

B.

when capture packets are restricted from the secondary memory

C.

when capture packets exceed 10 GB

D.

when capture packets exceed 32 MB

Buy Now
Questions 63

Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

Options:

A.

rate-limiting

B.

suspending

C.

correlation

D.

thresholding

Buy Now
Questions 64

Which two packet captures does the FTD LINA engine support? (Choose two.)

Options:

A.

Layer 7 network ID

B.

source IP

C.

application ID

D.

dynamic firewall importing

E.

protocol

Buy Now
Questions 65

Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?

Options:

A.

Child domains can view but not edit dashboards that originate from an ancestor domain.

B.

Child domains have access to only a limited set of widgets from ancestor domains.

C.

Only the administrator of the top ancestor domain can view dashboards.

D.

Child domains cannot view dashboards that originate from an ancestor domain.

Buy Now
Questions 66

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

Options:

A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Buy Now
Exam Code: 300-710
Exam Name: Securing Networks with Cisco Firepower (300-710 SNCF)
Last Update: Dec 22, 2024
Questions: 325

PDF + Testing Engine

$144.99

Testing Engine

$109.99

PDF (Q&A)

$94.99