300-710 exam

An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown user traffic is being allowed through the firewall. How should this be addressed to block the traffic while allowing legitimate user traffic?A...

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?A . FlexConfigB . BDIC . SGTD . IRBView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html

Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?A . a default DMZ policy for which only a user canchange the IP addresses.B . deny ip anyC . no policy rule is includedD ....

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)A . The BVI IP address must be in a separate subnet from the connected network.B . Bridge groups are supported in both transparent and routed firewall modes.C . Bridge groups are supported only in transparent firewall mode.D...

What are the minimum requirements to deploy a managed device inline?A . inline interfaces, security zones, MTU, and modeB . passive interface, MTU, and modeC . inline interfaces, MTU, and modeD . passive interface, security zone, MTU, and modeView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/ips_device_deployments_and_configuration.html

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?A . Configure IDS mode when creating or editing a policy rule under...

How many report templates does the Cisco Firepower Management Center support?A . 20B . 10C . 5D . unlimitedView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Working_with_Reports.html

An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must...

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?A . VPN connections can be re-established only if the failed master unit recovers.B . Smart License is required to maintain VPN connections simultaneously across all cluster units.C . VPN connections must be re-established when a new...

When do you need the file-size command option during troubleshooting with packet capture?A . when capture packets are less than 16 MBB . when capture packets are restricted from the secondary memoryC . when capture packets exceed 10 GBD . when capture packets exceed 32 MBView AnswerAnswer: D Explanation: Reference:...