Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Cisco 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

Cisco 300-710 Premium Access     Download Demo    
Page: 7 / 10
Total 376 questions

After using Firepower for some time and learning about how it interacts with the network, an administrator is trying to correlate malicious activity with a user Which widget should be configured to provide this visibility on the Cisco Firepower dashboards?

A.

Custom Analysis

B.

Current Status

C.

Current Sessions

D.

Correlation Events

An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-to-peer applications are being used on the network and they must identify which poses the greatest risk to the environment. Which report gives the analyst this information?

A.

Attacks Risk Report

B.

User Risk Report

C.

Network Risk Report

D.

Advanced Malware Risk Report

What is the result when two users modify a VPN policy at the same lime on a Cisco Secure Firewall Management Center managed device?

A.

Both users can edit the policy arid the last saved configuration persists.

B.

The first user locks the configuration when selecting edit on the policy.

C.

The changes from both users will be merged together into the policy.

D.

The system prevents modifications to the policy by multiple users.

An engineer configures an access control rule that deploys file policy configurations to security zones or tunnel zones, and it causes the device to restart. What is the reason for the restart?

A.

Source or destination security zones in the access control rule matches the security zones that are associated with interfaces on the target devices.

B.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the destination policy.

C.

Source or destination security zones in the source tunnel zone do not match the security zones that are associated with interfaces on the target devices.

D.

The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the source policy.

A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD. The administrator has configured an access policy to allow traffic to this device on UDP 500, 4500, and ESP VPN traffic is not working. Which action resolves this issue?

A.

Set the allow action in the access policy to trust.

B.

Enable IPsec inspection on the access policy.

C.

Modify the NAT policy to use the interface PAT.

D.

Change the access policy to allow all ports.

What is the advantage of having Cisco Firepower devices send events to Cisco Threat response via the security services exchange portal directly as opposed to using syslog?

A.

Firepower devices do not need to be connected to the internet.

B.

All types of Firepower devices are supported.

C.

Supports all devices that are running supported versions of Firepower

D.

An on-premises proxy server does not need to set up and maintained

An engineer has been asked to show application usages automatically on a monthly basis and send the information to management What mechanism should be used to accomplish this task?

A.

event viewer

B.

reports

C.

dashboards

D.

context explorer

An engineer is troubleshooting application failures through a FTD deployment. While using the FMC CLI. it has been determined that the traffic in question is not matching the desired policy. What should be done to correct this?

A.

Use the system support firewall-engine-debug command to determine which rules the traffic matchingand modify the rule accordingly

B.

Use the system support application-identification-debug command to determine which rules the traffic matching and modify the rule accordingly

C.

Use the system support firewall-engine-dump-user-f density-data command to change the policy and allow the application through the firewall.

D.

Use the system support network-options command to fine tune the policy.

An organization is configuring a new Cisco Firepower High Availability deployment. Which actionmust be taken to ensure that failover is as seamless as possible to end users?

A.

Set up a virtual failover MAC address between chassis.

B.

Use a dedicated stateful link between chassis.

C.

Load the same software version on both chassis.

D.

Set the same FQDN for both chassis.

What is the benefit of selecting the trace option for packet capture?

A.

The option indicates whether the packet was dropped or successful.

B.

The option indicated whether the destination host responds through a different path.

C.

The option limits the number of packets that are captured.

D.

The option captures details of each packet.