Massive Black Friday Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

300-710 Questions and Answers

Question # 4

What are two application layer preprocessors? (Choose two.)

A.

CIFS

B.

IMAP

C.

SSL

D.

DNP3

E.

ICMP

Full Access
Question # 5

Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?

A.

Cisco Firepower Threat Defense mode

B.

transparent mode

C.

routed mode

D.

integrated routing and bridging

Full Access
Question # 6

Which two routing options are valid with Cisco FTD? (Choose Two)

A.

BGPv6

B.

ECMP with up to three equal cost paths across multiple interfaces

C.

ECMP with up to three equal cost paths across a single interface

D.

BGPv4 in transparent firewall mode

E.

BGPv4 with nonstop forwarding

Full Access
Question # 7

A network administrator notices that SI events are not being updated The Cisco FTD device is unable to load all of the SI event entries and traffic is not being blocked as expected. What must be done to correct this issue?

A.

Restart the affected devices in order to reset the configurations

B.

Manually update the SI event entries to that the appropriate traffic is blocked

C.

Replace the affected devices with devices that provide more memory

D.

Redeploy configurations to affected devices so that additional memory is allocated to the SI module

Full Access
Question # 8

Refer to the exhibit.

An organization has an access control rule with the intention of sending all social media traffic for inspection After using the rule for some time, the administrator notices that the traffic is not being inspected, but is being automatically allowed What must be done to address this issue?

A.

Modify the selected application within the rule

B.

Change the intrusion policy to connectivity over security.

C.

Modify the rule action from trust to allow

D.

Add the social network URLs to the block list

Full Access
Question # 9

An engineer wants to connect a single IP subnet through a Cisco FTD firewall and enforce policy. There is a requirement to present the internal IP subnet to the outside as a different IP address. What must be configured to meet these requirements?

A.

Configure the downstream router to perform NAT.

B.

Configure the upstream router to perform NAT.

C.

Configure the Cisco FTD firewall in routed mode with NAT enabled.

D.

Configure the Cisco FTD firewall in transparent mode with NAT enabled.

Full Access
Question # 10

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A.

Shut down the Cisco FMC before powering up the replacement unit.

B.

Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.

C.

Unregister the faulty Cisco FTD device from the Cisco FMC

D.

Shut down the active Cisco FTD device before powering up the replacement unit.

Full Access
Question # 11

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

A.

Traffic inspection can be interrupted temporarily when configuration changes are deployed.

B.

The system performs intrusion inspection followed by file inspection.

C.

They can block traffic based on Security Intelligence data.

D.

File policies use an associated variable set to perform intrusion prevention.

E.

The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

Full Access
Question # 12

Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

A.

BGPv6

B.

ECMP with up to three equal cost paths across multiple interfaces

C.

ECMP with up to three equal cost paths across a single interface

D.

BGPv4 in transparent firewall mode

E.

BGPv4 with nonstop forwarding

Full Access
Question # 13

Which Cisco Firepower rule action displays an HTTP warning page?

A.

Monitor

B.

Block

C.

Interactive Block

D.

Allow with Warning

Full Access
Question # 14

Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)

A.

OSPFv2 with IPv6 capabilities

B.

virtual links

C.

SHA authentication to OSPF packets

D.

area boundary router type 1 LSA filtering

E.

MD5 authentication to OSPF packets

Full Access
Question # 15

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

A.

The rate-limiting rule is disabled.

B.

Matching traffic is not rate limited.

C.

The system rate-limits all traffic.

D.

The system repeatedly generates warnings.

Full Access
Question # 16

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Full Access
Question # 17

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A.

application blocking

B.

simple custom detection

C.

file repository

D.

exclusions

E.

application whitelisting

Full Access
Question # 18

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Full Access
Question # 19

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

Full Access
Question # 20

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

A.

Windows domain controller

B.

audit

C.

triage

D.

protection

Full Access
Question # 21

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Full Access
Question # 22

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Full Access
Question # 23

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Full Access
Question # 24

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

A.

configure coredump packet-engine enable

B.

capture-traffic

C.

capture

D.

capture WORD

Full Access
Question # 25

Which two packet captures does the FTD LINA engine support? (Choose two.)

A.

Layer 7 network ID

B.

source IP

C.

application ID

D.

dynamic firewall importing

E.

protocol

Full Access
Question # 26

Which command must be run to generate troubleshooting files on an FTD?

A.

system support view-files

B.

sudo sf_troubleshoot.pl

C.

system generate-troubleshoot all

D.

show tech-support

Full Access
Question # 27

Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?

A.

configure high-availability resume

B.

configure high-availability disable

C.

system support network-options

D.

configure high-availability suspend

Full Access
Question # 28

Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 30 Nov 2021