Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

Cisco 300-710 Premium Access     Download Demo    
Page: 5 / 10
Total 376 questions

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

A.

Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis.

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

A.

The NAT ID is required since the Cisco FMC is behind a NAT device.

B.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

C.

DONOTRESOLVE must be added to the command

D.

The registration key is missing from the command

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

A.

FlexConfig

B.

BDI

C.

SGT

D.

IRB

When creating a report template, how can the results be limited to show only the activity of a specific subnet?

A.

Create a custom search in Firepower Management Center and select it in each section of the report.

B.

Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.

C.

Add a Table View section to the report with the Search field defined as the network in CIDR format.

D.

Select IP Address as the X-Axis in each section of the report.

Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choosetwo.)

A.

OSPFv2 with IPv6 capabilities

B.

virtual links

C.

SHA authentication to OSPF packets

D.

area boundary router type 1 LSA filtering

E.

MD5 authentication to OSPF packets

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

A.

The rate-limiting rule is disabled.

B.

Matching traffic is not rate limited.

C.

The system rate-limits all traffic.

D.

The system repeatedly generates warnings.

Refer to the exhibit.

A systems administrator conducts a connectivity test to their SCCM server from a host machine and gets no response from the server. Which action ensures that the ping packets reach the destination and that the host receives replies?

A.

Create an access control policy rule that allows ICMP traffic.

B.

Configure a custom Snort signature to allow ICMP traffic after Inspection.

C.

Modify the Snort rules to allow ICMP traffic.

D.

Create an ICMP allow list and add the ICMP destination to remove it from the implicit deny list.

A network administrator must create an EtherChannel Interface on a new Cisco Firepower 9300 appliance registered with an FMC tor high availability. Where must the administrator create the EtherChannel interface?

A.

FMC CLI

B.

FTD CLI

C.

FXOS CLI

D.

FMC GUI

An engineer Is configuring a Cisco FTD device to place on the Finance VLAN to provide additional protection tor company financial data. The device must be deployed without requiring any changes on the end user workstations, which currently use DHCP lo obtain an IP address. How must the engineer deploy the device to meet this requirement?

A.

Deploy the device in routed mode and allow DHCP traffic in the access control policies.

B.

Deploy the device in routed made aid enable the DHCP Relay feature.

C.

Deploy the device in transparent mode and allow DHCP traffic in the access control policies

D.

Deploy the device in transparent mode and enable the DHCP Server feature.

A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS responses are not getting through the Cisco FTD What must be done to address this issue while still utilizing Snort IPS rules?

A.

Uncheck the "Drop when Inline" box in the intrusion policy to allow the traffic.

B.

Modify the Snort rules to allow legitimate DNS traffic to the VPN users.

C.

Disable the intrusion rule threshes to optimize the Snort processing.

D.

Decrypt the packet after the VPN flow so the DNS queries are not inspected