300-710 Online Practice Questions and Answers

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

A. inline set

B. passive

C. routed

D. inline tap

Which command-line mode is supported from the Cisco Firepower Management Center CLI?

A. privileged

B. user

C. configuration

D. admin

What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

A. 1024

B. 8192

C. 4096

D. 2048

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

A. An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the policies after registration is completed.

B. Before re-adding the device in Cisco FMC, you must add the manager back in the device.

C. No option to delete and re-add a device is available in the Cisco FMC web interface.

D. The Cisco FMC web interface prompts users to re-apply access control policies.

E. There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

An engineer is configuring a second Cisco FMC as a standby device but is unable to register with the active unit. What is causing this issue?

A. The primary FMC currently has devices connected to it.

B. The code versions running on the Cisco FMC devices are different.

C. The licensing purchased does not include high availability

D. There is only 10Mbps of bandwidth between the two devices.

A network administrator notices that SI events are not being updated. The Cisco FTD device is unable to load all of the SI event entries and traffic is not being blocked as expected. What must be done to correct this issue?

A. Restart the affected devices in order to reset the configurations.

B. Redeploy configurations to affected devices so that additional memory is allocated to the SI module.

C. Replace the affected devices with devices that provide more memory.

D. Manually update the SI event entries to that the appropriate traffic is blocked.

Which two conditions must be met to enable high availability between two Cisco FTD devices? (Choose two.)

A. same flash memory size

B. same NTP configuration

C. same DHCP/PPoE configuration

D. same host name

E. same number of interfaces

An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats. When setting the Cisco FTD interface mode, which sequence of actions meets this requirement?

A. Set to passive, and configure an access control policy with an intrusion policy and a file policy defined.

B. Set to passive, and configure an access control policy with a prefilter policy defined.

C. Set to none, and configure an access control policy with an intrusion policy and a file policy defined.

D. Set to none, and configure an access control policy with a prefilter policy defined.

When using Cisco Threat Response, which phase of the Intelligence Cycle publishes the results of the investigation?

A. direction

B. dissemination

C. processing

D. analysis

Which two features can be used with Cisco Secure Firewall Threat Defense remote access VPN? (Choose two.)

A. enable Duo two-factor authentication using LDAPS

B. support for Cisco Secure Firewall 4100 Series in cluster mode

C. SSL remote access VPN supports port sharing with other Cisco FTD features using SSL port 443

D. use of license utilization for zero-touch network deployment

E. support for Rapid Threat Containment using RADIUS dynamic authorization