Cisco 300-710 Online Practice Questions and Exam Preparation
300-710 Exam Details
Exam Code: 300-710
Exam Name: Securing Networks with Cisco Firepower (SNCF)
Certification: CCNP Security
Vendor: Cisco
Total Questions: 433 Q&As
Last Updated: May 24, 2026
Cisco 300-710 Online Questions & Answers
Question 191:
A company is deploying Cisco Secure Firewall Threat Defense with IPS. What must be implemented in inline mode to pass the traffic without inspection during spikes and ensure that network traffic is kept?
A. Change the interface mode to Routed
B. Select Propagate Link State
C. Increase the MTU to 9000
D. Set the Snort Failsafe option
Answer: D. Set the Snort Failsafe option
Question 192:
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)
A. BGPv6
B. ECMP with up to three equal cost paths across multiple interfaces
C. ECMP with up to three equal cost paths across a single interface
D. BGPv4 in transparent firewall mode
E. BGPv4 with nonstop forwarding
Answer: A. BGPv6; B. ECMP with up to three equal cost paths across multiple interfaces
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/fpmc-config-guide-v60_chapter_01100011.html#ID-2101-0000000e
Question 193:
An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)
A. Edit the HTTP request handling in the access control policy to customized block
B. Modify the system-provided block page result using Python
C. Create HTML code with the information for the policies and procedures
D. Change the HTTP response in the access control policy to custom
E. Write CSS code with the information for the policies and procedures
Answer: C. Create HTML code with the information for the policies and procedures; D. Change the HTTP response in the access control policy to custom
Question 194:
A network administrator notices that SI events are not being updated. The Cisco FTD device is unable to load all of the SI event entries and traffic is not being blocked as expected. What must be done to correct this issue?
A. Restart the affected devices in order to reset the configurations.
B. Redeploy configurations to affected devices so that additional memory is allocated to the SI module.
C. Replace the affected devices with devices that provide more memory.
D. Manually update the SI event entries so that the appropriate traffic is blocked.
Answer: B. Redeploy configurations to affected devices so that additional memory is allocated to the SI module.
Question 195:
Refer to the exhibit. An engineer is configuring an instance of Cisco Secure Firewall Threat Defense with interfaces in IPS Inline Pair mode. What must be configured on interface e1/6 to accomplish the requirement?
A. propagate link state disabled
B. inline set MTU set to 1500
C. FailSafe disabled
D. security zone set to OUTSIDE_ZONE
Answer: B. inline set MTU set to 1500
Question 196:
Which two actions can be used in an access control policy rule? (Choose two.)
A. Block with Reset
B. Monitor
C. Analyze
D. Discover
E. Block ALL
Answer: A. Block with Reset; B. Monitor
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854
Question 197:
What is a behavior of a Cisco FMC database purge?
A. User login and history data are removed from the database if the User Activity check box is selected.
B. Data can be recovered from the device.
C. The appropriate process is restarted.
D. The specified data is removed from Cisco FMC and kept for two weeks.
Answer: C. The appropriate process is restarted.
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/management_center_database_purge.pdf
Question 198:
An engineer plans to reconfigure an existing Cisco FTD from transparent mode to routed mode. Which additional action must be taken to maintain communication between the two network segments?
A. Configure a NAT rule so that traffic between the segments is exempt from NAT.
B. Update the IP addressing so that each segment is a unique IP subnet.
C. Deploy inbound ACLs on each interface to allow traffic between the segments.
D. Assign a unique VLAN ID for the interface in each segment.
Answer: B. Update the IP addressing so that each segment is a unique IP subnet.
When reconfiguring an existing Cisco FTD from transparent mode to routed mode, an additional action that must be taken to maintain communication between the two network segments is to update the IP addressing so that each segment is a unique IP subnet. This is because in routed mode, the FTD device acts as a router hop in the network and requires each interface to be on a different subnet. In transparent mode, the FTD device acts as a layer 2 firewall and does not require different subnets for each interface.
The other options are incorrect because:
Configuring a NAT rule so that traffic between the segments is exempt from NAT is not necessary to maintain communication between the two network segments. NAT is used to translate IP addresses between different networks, but it does not affect the routing of packets. Moreover, NAT is optional in routed mode and can be disabled if not needed.
Deploying inbound ACLs on each interface to allow traffic between the segments is not required to maintain communication between the two network segments. ACLs are used to control access to network resources based on source and destination addresses, protocols, and ports. They do not affect the routing of packets. Furthermore, ACLs are optional in routed mode and can be configured as needed.
Assigning a unique VLAN ID for the interface in each segment is not relevant to maintaining communication between the two network segments. VLANs are used to create logical groups of hosts that share the same broadcast domain, regardless of their physical location or connection. They do not affect the routing of packets. Besides, VLANs are not supported in routed mode and can only be used in transparent mode.
Question 199:
Refer to the exhibit.
An engineer is configuring access control rules on a Cisco Secure Firewall Threat Defense device. The access control rules must include a file policy with rules that will trigger when MSEXE files are accessed. Which two actions must be configured in the access rule? (Choose two.)
A. block files with reset
B. interactive block
C. monitor
D. allow
E. trust
Answer: A. block files with reset; C. monitor
The first row in the exhibit shows an action for MSEXE files set to "Block Files with Reset". This action will block the MSEXE files and send a TCP reset to terminate the connection, effectively preventing the files from being accessed or downloaded.
The second row shows an action for MSEXE files set to "Detect Files". This is essentially a monitoring action that allows the system to log and detect MSEXE file access events without blocking them.
In this configuration, combining "Block Files with Reset" and "Detect Files" enables both blocking specific actions and monitoring file access, providing comprehensive control and visibility for MSEXE files.
Question 200:
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?
A. transparent inline mode
B. TAP mode
C. strict TCP enforcement
D. propagate link state
Answer: B. TAP mode
Explanation/Reference: Click Advanced to set the following optional parameters:
Correct answer (B): Tap Mode - Set to inline tap mode.
Incorrect answer: Propagate Link State - Link state propagation automatically brings down the second interface in the inline interface pair when one of the interfaces in an inline set goes down. When the downed interface comes back up, the second interface automatically comes back up, also. In other words, if the link state of one interface changes, the device senses the change and updates the link state of the other interface to match it. Note that devices require up to 4 seconds to propagate link state changes. Link state propagation is especially useful in resilient network environments where routers are configured to reroute traffic automatically around network devices that are in a failure state.
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html