Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

Cisco 300-710 Premium Access Download Demo

Page: 10 / 12
Total 385 questions

An engineer must configure high availability on two Cisco Secure Firewall Threat Defense appliances. Drag and drop the configuration steps from the left into the sequence on the right.

Question # 92

When an engineer captures traffic on a Cisco FTD to troubleshoot a connectivity problem, they receive a large amount of output data in the GUI tool. The engineer found that viewing the Captures this way is time-consuming and difficult lo son and filter. Which file type must the engineer export the data in so that it can be reviewed using a tool built for this type of analysis?

NetFlow v9

PCAP

NetFlow v5

IPFIX

Explanation:

When capturing traffic on a Cisco FTD device to troubleshoot a connectivity problem, a file type that can be exported for reviewing using a tool built for this type of analysis is PCAP.Â PCAP stands for Packet Capture and it is a file format used to store network packet data captured from anetwork interface8.Â PCAP files contain the raw data of network packets, including the headers and payloads of each packet8.

PCAP files are widely used in network analysis and troubleshooting tasks.Â They enable network administrators, analysts, and researchers to inspect and analyze network traffic for various purposes, such as diagnosing network issues, detecting malicious activity, measuring network performance, and understanding network protocols8.Â PCAP files can be read by applications that understand that format, such as Wireshark, tcpdump, CA NetMaster, or Microsoft Network Monitor8.

The other options are incorrect because:

NetFlow v9 is not a file type, but a protocol for collecting and exporting information about network flows.Â A network flow is a sequence of packets that share common attributes such as source and destination IP addresses, ports, and protocols9.Â NetFlow v9 records contain summary information about network flows, such as start and end times, byte counts, packet counts, and so on9. NetFlow v9 records do not contain the raw data of network packets.

NetFlow v5 is not a file type, but an earlier version of the NetFlow protocol for collecting and exporting information about network flows.Â NetFlow v5 records contain similar information as NetFlow v9 records, but with fewer fields and less flexibility10. NetFlow v5 records do not contain the raw data of network packets.

IPFIX is not a file type, but a protocol for collecting and exporting information about network flows.Â IPFIX stands for IP Flow Information Export and it is based on NetFlow v9, but with some extensions and improvements11.Â IPFIX records contain similar information as NetFlow v9 records, but with more fields and more flexibility11. IPFIX records do not contain the raw data of network packets.

Question # 93

A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet How is this accomplished on an FTD device in routed mode?

by leveraging the ARP to direct traffic through the firewall

by assigning an inline set interface

by using a BVI and create a BVI IP address in the same subnet as the user segment

by bypassing protocol inspection by leveraging pre-filter rules

Question # 94

An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this file lookup? (Choose two).

The Cisco FMC needs to include a SSL decryption policy.

The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.

The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.

The Cisco FMC needs to connect with the FireAMP Cloud.

The Cisco FMC needs to include a file inspection policy for malware lookup.

Question # 95

Which action must be taken to configure an isolated bridge group for IRB mode on a Cisco Secure Firewall device?

Add the restricted segment to the ACL.

Leave BVI interface name empty.

Define the NAT pool for the blocked traffic.

Remove the route from the routing table.

Question # 96

A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows.

It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?

failsafe

inline tap

promiscuous

bypass

Question # 97

An engineer must deny ICMP traffic to the networks of separate departments that use Cisco Secure Firewall Management Center. The engineer must use the same object on the relevant device for each network. What must be configured in Secure Firewall Management Center?

IP address

IP range

Deny ICMP check box

Allow Overrides check box

Question # 98

Network users are experiencing Intermittent issues with internet access. An engineer ident med mat the issue Is being caused by NAT exhaustion. How must the engineer change the dynamic NAT configuration to provide internet access for more users without running out of resources?

Define an additional static NAT for the network object in use.

Configure fallthrough to interface PAT on 'he Advanced tab.

Convert the dynamic auto NAT rule to dynamic manual NAT.

Add an identity NAT rule to handle the overflow of users.

Question # 99

An engineer must investigate a connectivity issue by using Cisco Secure Firewall Management Center to access the Packet Capture feature on a Cisco Secure Firewall Threat Defense

device. The engineer must see a real packet going through the Secure Firewall Threat Defense device and the Snort detection actions. While reviewing the packet capture, the engineer

discovers that the Snort detection actions are missing. Which action must the engineer take to resolve the issue?

Specify the packet size.

Specify the buffer size.

Enable the Continuous Capture option.

Enable the Trace option.

Question # 100

A company is deploying Cisco Secure Endpoint private cloud. The Secure Endpoint private cloud instance has already been deployed by the server administrator. The server administrator provided the hostname of the private cloud instance to the network engineer via email. What additional information does the network engineer require from the server administrator to be able to make the connection to Secure Endpoint private cloud in Cisco Secure Firewall Management Centre?

SSL certificate for the Secure Endpoint ornate cloud instance

Internet access for the Secure End point private cloud to reach the Secure Endpoint public cloud

Username and password to the Secure Endpoint private cloud instance

IP address and port number for the connection proxy

New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

The Answer Is:

Explanation:

The Answer Is:

Explanation:

The Answer Is:

Explanation:

The Answer Is:

The Answer Is:

Explanation:

The Answer Is:

The Answer Is:

The Answer Is:

Explanation:

The Answer Is:

The Answer Is:

Explanation: