300-710 exam

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?A . VPN connections can be re-established only if the failed master unit recovers.B . Smart License is required to maintain VPN connections simultaneously across all cluster units.C . VPN connections must be re-established when a new...

On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?A . transparent inline modeB . TAP modeC . strict TCP enforcementD . propagate link stateView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

When creating a report template, how can the results be limited to show only the activity of a specific subnet?A . Create a custom search in Firepower Management Center and select it in each section of the report.B . Add an Input Parameter in the Advanced Settings of the report,...

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)A . The BVI IP address must be in a separate subnet from the connected network.B . Bridge groups are supported in both transparent and routed firewall modes.C . Bridge groups are supported only in transparent firewall mode.D...

Which interface type allows packets to be dropped?A . passiveB . inlineC . ERSPAND . TAPView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower-threat-defense-int.html

What are two application layer preprocessors? (Choose two.)A . CIFSB . IMAPC . SSLD . DNP3E . ICMPView AnswerAnswer: B,C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Application_Layer_Preprocessors.html

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?A . configure manager local 10.0.0.10 Cisco123B . configure manager add Cisco123 10.0.0.10C . configure manager local Cisco123 10.0.0.10D . configure manager...

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)A . Traffic inspection can be interrupted temporarily when configuration changes are deployed.B . The system performs intrusion inspection followed by file inspection.C . They can block traffic based on Security Intelligence data.D . File...

Which object type supports object overrides?A . time rangeB . security group tagC . network objectD . DNS server groupView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?A . inline setB . passiveC . routedD . inline tapView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/interface_overview_for_firepower_threat_defense.html