TESTED 20 Jun
300-710 Online Practice Questions and Answers
DRAG DROP
A network engineer is deploying a Cisco Firepower 4100 appliance and must configure a multi-instance environment for high availability. Drag and drop me actions from the left into sequence on the right far this configuration.
Select and Place:
What is a result of enabling Cisco FTD clustering?
A. For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.
B. Integrated Routing and Bridging is supported on the master unit.
C. Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.
D. All Firepower appliances can support Cisco FTD clustering.
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
A. The BVI IP address must be in a separate subnet from the connected network.
B. Bridge groups are supported in both transparent and routed firewall modes.
C. Bridge groups are supported only in transparent firewall mode.
D. Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.
E. Each directly connected network must be on the same subnet.
Network traffic coming from an organization's CEO must never be denied. Which access control policy configuration option should be used if the deployment engineer is not permitted to create a rule to allow all traffic?
A. Change the intrusion policy from security to balance.
B. Configure a trust policy for the CEO.
C. Configure firewall bypass.
D. Create a NAT policy just for the CEO.
A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisco FMC generated an alert for the malware event, however the user still remained connected. Which Cisco AMP file rule action within the Cisco FMC must be set to resolve this issue?
A. Malware Cloud Lookup
B. Reset Connection
C. Detect Files
D. Local Malware Analysis
An engainer must add DNS-specific rules to me Cisco FTD intrusion policy. The engineer wants to use the rules currently in the Cisco FTD Snort database that are not already enabled but does not want to enable more than are needed. Which action meets these requirements?
A. Change the dynamic state of the rule within the policy.
B. Change the base policy to Security over Connectivity.
C. Change the rule state within the policy being used.
D. Change the rules using the Generate and Use Recommendations feature.
A network administrator registered a new FTD to an existing FMC. The administrator cannot place the FTD in transparent mode. Which action enables transparent mode?
A. Add a Bridge Group Interface to the FTD before transparent mode is configured.
B. Dereglster the FTD device from FMC and configure transparent mode via the CLI.
C. Obtain an FTD model that supports transparent mode.
D. Assign an IP address to two physical interfaces.
Refer to the exhibit.
A security engineer must improve security in an organization and is producing a risk mitigation strategy to present to management for approval. Which action must the security engineer take based on this Attacks Risk Report?
A. Block NetBIOS.
B. Inspect TCP port 80 traffic.
C. Block Internet Explorer.
D. Inspect DNS traffic.
An engineer must export a packet capture from Cisco Secure Firewall Management Center to assist in troubleshooting an issue on a Secure Firewall Threat Defense device. When the engineer navigates to the URL for Secure Firewall Management Center at:
https:///capture/CAPI/pcap/sample.pcap
The engineer receives a 403: Forbidden error instead of being provided with the PCAP file. Which action resolves the issue?
A. Disable the proxy setting on the client browser.
B. Disable the HTTPS server and use HTTP.
C. Enable HTTPS in the device platform policy.
D. Enable the proxy setting in the device platform policy.
An engineer must change the mode of a Cisco Secure Firewall Threat Defense (FTD) firewall in the Cisco Secure Firewall Management Center (FMC) inventory.
The engineer must take these actions:
1.
Register Secure FTD with Secure FMC.
2.
Change the firewall mode.
3.
Deregister the Secure FTD device from Secure FMC.
How must the engineer take FTD take the actions?
A. Reload the Secure FTD device.
B. Configure the management IP address.
C. Access the Secure FTD CLI from the console port.
D. Erase the Secure FTD configuration
Home | Contact Us | About Us | FAQ | Guarantee & Policy | Privacy & Policy | Terms & Conditions | How to buy
Copyright © 2026 pass4itsure.com. All Rights Reserved