300-710 Online Practice Questions and Answers

Which two actions can be used in an access control policy rule? (Choose two.)

A. Block with Reset

B. Monitor

C. Analyze

D. Discover

E. Block ALL

What is the benefit of selecting the trace option for packet capture?

A. The option indicates whether the packet was dropped or successful.

B. The option indicated whether the destination host responds through a different path.

C. The option limits the number of packets that are captured.

D. The option captures details of each packet.

Which command must be run to generate troubleshooting files on an FTD?

A. system support view-files

B. sudo sf_troubleshoot.pl

C. system generate-troubleshoot all

D. show tech-support

Within Cisco Firepower Management Center, where does a user add or modify widgets?

A. dashboard

B. reporting

C. context explorer

D. summary tool

What is a valid Cisco AMP file disposition?

A. non-malicious

B. malware

C. known-good

D. pristine

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

A. dynamic null route configured

B. DHCP pool disablement

C. quarantine

D. port shutdown

E. host shutdown

A security analyst must create a new report within Cisco FMC to show an overview of the daily attacks, vulnerabilities, and connections. The analyst wants to reuse specific dashboards from other reports to create this consolidated one. Which action accomplishes this task?

A. Create a new dashboard object via Object Management to represent the desired views.

B. Modify the Custom Workflows within the Cisco FMC to feed the desired data into the new report.

C. Copy the Malware Report and modify the sections to pull components from other reports.

D. Use the import feature in the newly created report to select which dashboards to add.

A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device. External clients cannot access the web server via HTTPS. The IP address configured on the web server is 192.168.7.46. The administrator is running the command capture CAP interface outside match ip any 192.168.7.46 255.255.255.255 but cannot see any traffic in the capture. Why is this occurring?

A. The capture must use the public IP address of the web server.

B. The packet capture shows only blocked traffic.

C. The FTD has no route to the web server.

D. The access policy is blocking the traffic.

A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD. The administrator has configured an access policy to allow traffic to this device on UDP 500, 4500, and ESP VPN traffic is not working. Which action resolves this issue?

A. Set the allow action in the access policy to trust.

B. Enable IPsec inspection on the access policy.

C. Modify the NAT policy to use the interface PAT.

D. Change the access policy to allow all ports.

A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?

A. active/active failover

B. transparent

C. routed

D. high availability clustering