300-710 exam

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?A . VPN connections can be re-established only if the failed master unit recovers. B. Smart License is required to maintain VPN connections simultaneously across all cluster units. C. VPN connections must be re-established when a new...

A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)A . outbound port TCP/443 B. inbound port TCP/80 C. outbound port TCP/8080 D. inbound port TCP/443 E. outbound...

What is the benefit of selecting the trace option for packet capture?A . The option indicates whether the packet was dropped or successful. B. The option indicated whether the destination host responds through a different path. C. The option limits the number of packets that are captured. D. The option...

Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high-availability?A . configure high-availability resume B. configure high-availability disable C. system support network-options D. configure high-availability suspendView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/firepower_threat_defense_high_availability.html

An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?A . Deploy the firewall in transparent mode with access control policies. B. Deploy the firewall in routed mode with access control...

An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices? A. Add a native instance to distribute traffic to each Cisco FTD...

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?A . configure manager local 10.0.0.10 Cisco123 B. configure manager add Cisco123 10.0.0.10 C. configure manager local Cisco123 10.0.0.10 D. configure manager...

Which command must be run to generate troubleshooting files on an FTD?A . system support view-files B. sudo sf_troubleshoot.pl C. system generate-troubleshoot all D. show tech-supportView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/sourcefire-defense-center/117663-technote-SourceFire-00.html

An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)A ....

An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment. What must be done to resolve this issue?A . Create a firewall rule...