New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

Cisco 300-710 Premium Access     Download Demo    
Page: 4 / 12
Total 385 questions

What is a valid Cisco AMP file disposition?

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

A company wants a solution to aggregate the capacity of two Cisco FTD devices to make the best use of resources such as bandwidth and connections per second. Which order of steps must be taken across the Cisco FTDs with Cisco FMC to meet this requirement?

A.

Configure the Cisco FTD interfaces, add members to FMC, configure cluster members in FMC, and create cluster in Cisco FMC.

B.

Add members to Cisco FMC, configure Cisco FTD interfaces in Cisco FMC. configure cluster members in Cisco FMC, create cluster in Cisco FMC. and configure cluster members in Cisco FMC.

C.

Configure the Cisco FTD interfaces and cluster members, add members to Cisco FMC. and create the cluster in Cisco FMC.

D.

Add members to the Cisco FMC, configure Cisco FTD interfaces, create the cluster in Cisco FMC, and configure cluster members in Cisco FMC.

An engineer is troubleshooting application failures through a FTD deployment. While using the FMC CLI. it has been determined that the traffic in question is not matching the desired policy. What should be done to correct this?

A.

Use the system support firewall-engine-debug command to determine which rules the traffic matchingand modify the rule accordingly

B.

Use the system support application-identification-debug command to determine which rules the traffic matching and modify the rule accordingly

C.

Use the system support firewall-engine-dump-user-f density-data command to change the policy and allow the application through the firewall.

D.

Use the system support network-options command to fine tune the policy.

An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown user traffic is being allowed through the firewall. How should this be addressed to block the traffic while allowing legitimate user traffic?

A.

Modify the Cisco ISE authorization policy to deny this access to the user.

B.

Modify Cisco ISE to send only legitimate usernames to the Cisco FTD.

C.

Add the unknown user in the Access Control Policy in Cisco FTD.

D.

Add the unknown user in the Malware & File Policy in Cisco FTD.

A security engineer must create a malware and file policy on a Cisco Secure Firewall Threat Defense device. The solution must ensure that PDF. DOCX, and XLSX files are not sent lo Cisco Secure Malware analytics. What must do configured to meet the requirements''

A.

capacity handling

B.

Spero analysis

C.

dynamic analysis

D.

local malware analysis

Which firewall mode is Cisco Secure Firewall Threat Defense in when two physical interfaces are assigned to a named BVI?

A.

Routed

B.

Transparent

C.

In-line

D.

IPS only

What is the difference between inline and inline tap on Cisco Firepower?

A.

Inline tap mode can send a copy of the traffic to another device.

B.

Inline tap mode does full packet capture.

C.

Inline mode cannot do SSL decryption.

D.

Inline mode can drop malicious traffic.

What is the result when two users modify a VPN policy at the same lime on a Cisco Secure Firewall Management Center managed device?

A.

Both users can edit the policy arid the last saved configuration persists.

B.

The first user locks the configuration when selecting edit on the policy.

C.

The changes from both users will be merged together into the policy.

D.

The system prevents modifications to the policy by multiple users.

An engineer is implementing a new Cisco Secure Firewall. The firewall must filler traffic between the three subnets:

• LAN 192.168.101.0724

• DMZ 192.168 200.0/24

• WAN 10.0.0.0/30

Which firewall mode must the engineer implement?

A.

transparent

B.

network

C.

routed

D.

gateway

An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin BACKUP_Cisc394602314.zip on a Cisco FMG. After connecting to the repository, an error occurred that prevents the FTD device from accepting the backup file. What is the problem?

A.

The backup file is not in .cfg format.

B.

The backup file is too large for the Cisco FTD device

C.

The backup file extension was changed from tar to zip

D.

The backup file was not enabled prior to being applied