Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

300-710 Questions and Answers

Question # 4

What are the minimum requirements to deploy a managed device inline?

A.

inline interfaces, security zones, MTU, and mode

B.

passive interface, MTU, and mode

C.

inline interfaces, MTU, and mode

D.

passive interface, security zone, MTU, and mode

Full Access
Question # 5

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A.

Shut down the Cisco FMC before powering up the replacement unit.

B.

Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.

C.

Unregister the faulty Cisco FTD device from the Cisco FMC

D.

Shut down the active Cisco FTD device before powering up the replacement unit.

Full Access
Question # 6

Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)

A.

EIGRP

B.

OSPF

C.

static routing

D.

IS-IS

E.

BGP

Full Access
Question # 7

Which two deployment types support high availability? (Choose two.)

A.

transparent

B.

routed

C.

clustered

D.

intra-chassis multi-instance

E.

virtual appliance in public cloud

Full Access
Question # 8

An administrator is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of NAT001 and a password of Cisco0420l06525. The private IP address of the FMC server is 192.168.45.45. which is being translated to the public IP address of 209.165.200.225/27. Which command set must be used in order to accomplish this task?

A.

configure manager add 209.165.200.225

B.

configure manager add 192.168.45,45

C.

configure manager add 209.165.200.225 255.255.255.224

D.

configure manager add 209.165.200.225/27

Full Access
Question # 9

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

Full Access
Question # 10

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Full Access
Question # 11

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Full Access
Question # 12

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Full Access
Question # 13

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Full Access
Question # 14

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

A.

pxGrid

B.

FTD RTC

C.

FMC RTC

D.

ISEGrid

Full Access
Question # 15

What is the RTC workflow when the infected endpoint is identified?

A.

Cisco ISE instructs Cisco AMP to contain the infected endpoint.

B.

Cisco ISE instructs Cisco FMC to contain the infected endpoint.

C.

Cisco AMP instructs Cisco FMC to contain the infected endpoint.

D.

Cisco FMC instructs Cisco ISE to contain the infected endpoint.

Full Access
Question # 16

A hospital network needs to upgrade their Cisco FMC managed devices and needs to ensure that a disaster recovery process is in place. What must be done in order to minimize downtime on the network?

A.

Configure a second circuit to an ISP for added redundancy

B.

Keep a copy of the current configuration to use as backup

C.

Configure the Cisco FMCs for failover

D.

Configure the Cisco FMC managed devices for clustering.

Full Access
Question # 17

An engineer is attempting to create a new dashboard within the Cisco FMC to have a single view with widgets from many of the other dashboards. The goal is to have a mixture of threat and security related widgets along with Cisco Firepower device health information. Which two widgets must be configured to provide this information? (Choose two).

A.

Intrusion Events

B.

Correlation Information

C.

Appliance Status

D.

Current Sessions

E.

Network Compliance

Full Access
Question # 18

Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC (Choose two).

A.

Before re-adding the device In Cisco FMC, the manager must be added back.

B.

The Cisco FMC web interface prompts users to re-apply access control policies.

C.

Once a device has been deleted, It must be reconfigured before it is re-added to the Cisco FMC.

D.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the polices after registration is completed.

E.

There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Full Access
Question # 19

An engineer attempts to pull the configuration for a Cisco FTD sensor to review with Cisco TAC but does not have direct access to the CU for the device. The CLl for the device is managed by Cisco FMC to which the engineer has access. Which action in Cisco FMC grants access to the CLl for the device?

A.

Export the configuration using the Import/Export tool within Cisco FMC.

B.

Create a backup of the configuration within the Cisco FMC.

C.

Use the show run all command in the Cisco FTD CLI feature within Cisco FMC.

D.

Download the configuration file within the File Download section of Cisco FMC.

Full Access
Question # 20

A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

A.

A manual NAT exemption rule does not exist at the top of the NAT table.

B.

An external NAT IP address is not configured.

C.

An external NAT IP address is configured to match the wrong interface.

D.

An object NAT exemption rule does not exist at the top of the NAT table.

Full Access
Question # 21

An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?

A.

Leave default networks.

B.

Change the method to TCP/SYN.

C.

Increase the number of entries on the NAT device.

D.

Exclude load balancers and NAT devices.

Full Access
Question # 22

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

A.

The rate-limiting rule is disabled.

B.

Matching traffic is not rate limited.

C.

The system rate-limits all traffic.

D.

The system repeatedly generates warnings.

Full Access
Question # 23

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Full Access
Question # 24

Which object type supports object overrides?

A.

time range

B.

security group tag

C.

network object

D.

DNS server group

Full Access
Question # 25

Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

A.

BGPv6

B.

ECMP with up to three equal cost paths across multiple interfaces

C.

ECMP with up to three equal cost paths across a single interface

D.

BGPv4 in transparent firewall mode

E.

BGPv4 with nonstop forwarding

Full Access
Question # 26

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

A.

FlexConfig

B.

BDI

C.

SGT

D.

IRB

Full Access
Question # 27

Within Cisco Firepower Management Center, where does a user add or modify widgets?

A.

dashboard

B.

reporting

C.

context explorer

D.

summary tool

Full Access
Question # 28

What is a functionality of port objects in Cisco FMC?

A.

to mix transport protocols when setting both source and destination port conditions in a rule

B.

to represent protocols other than TCP, UDP, and ICMP

C.

to represent all protocols in the same way

D.

to add any protocol other than TCP or UDP for source port conditions in access control rules.

Full Access
Question # 29

What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

A.

1024

B.

8192

C.

4096

D.

2048

Full Access
Question # 30

When do you need the file-size command option during troubleshooting with packet capture?

A.

when capture packets are less than 16 MB

B.

when capture packets are restricted from the secondary memory

C.

when capture packets exceed 10 GB

D.

when capture packets exceed 32 MB

Full Access
Question # 31

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

A.

configure coredump packet-engine enable

B.

capture-traffic

C.

capture

D.

capture WORD

Full Access
Question # 32

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

A.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re- apply the policies after registration is completed.

B.

Before re-adding the device in Cisco FMC, you must add the manager back in the device.

C.

No option to delete and re-add a device is available in the Cisco FMC web interface.

D.

The Cisco FMC web interface prompts users to re-apply access control policies.

E.

No option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Full Access
Question # 33

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 26 Sep 2022