Practice Free 300-710 Exam Online Questions
An engineer must create an access control policy on a Cisco Secure Firewall Threat Defense device.
The company has a contact center that utilizes VoIP heavily, and it is critical that this traffic is not ….
by performance issues after deploying the access control policy.
Which access control Action rule must be configured to handle the VoIP traffic?
- A . monitor
- B . trust
- C . block
- D . allow
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?
- A . ERSPAN
- B . IPS-only
- C . firewall
- D . tap
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly; however, return traffic is entering the firewall but not leaving it.
What is the reason for this issue?
- A . A manual NAT exemption rule does not exist at the top of the NAT table.
- B . An external NAT IP address is not configured.
- C . An external NAT IP address is configured to match the wrong interface.
- D . An object NAT exemption rule does not exist at the top of the NAT table.
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
- A . Traffic inspection can be interrupted temporarily when configuration changes are deployed.
- B . The system performs intrusion inspection followed by file inspection.
- C . They can block traffic based on Security Intelligence data.
- D . File policies use an associated variable set to perform intrusion prevention.
- E . The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
Which two deployment types support high availability? (Choose two.)
- A . transparent
- B . routed
- C . clustered
- D . intra-chassis multi-instance
- E . virtual appliance in public cloud
A network engineer detects a connectivity issue between Cisco Secure Firewall Management Center and Cisco Secure Firewall Threat Defense. Initial troubleshooting indicates that heartbeats and events are not being received. The engineer re-establishes the secure channels between both peers.
Which two commands must the engineer run to resolve the issue? (Choose two.)
- A . manage_procs.pl
- B . sudo stats_unified.pl
- C . sudo perfstats -Cq < /var/sf/rna/correlator-stats/now
- D . show history
- E . show disk-manager
IT management is asking the network engineer to provide high-level summary statistics of the Cisco FTD appliance in the network. The business is approaching a peak season so the need to maintain business uptime is high.
Which report type should be used to gather this information?
- A . Malware Report
- B . Standard Report
- C . SNMP Report
- D . Risk Report
Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?
- A . mobility
- B . plus
- C . base
- D . apex
An engineer is configuring two new Cisco FTD devices to replace the existing high availability firewall pair in a highly secure environment. The information exchanged between the FTD devices over the failover link must be encrypted.
Which protocol supports this on the Cisco FTD?
- A . IPsec
- B . SSH
- C . SSL
- D . MACsec
An engineer is configuring two new Cisco Secure Firewall Threat Defense devices to replace the existing firewalls. Network traffic must be analyzed for intrusion events without impacting the traffic.
What must the engineer implement next to accomplish the goal?
- A . Passive mode
- B . Inline Pair in Tap mode
- C . ERSPAN Passive mode
- D . Inline Pair mode