Cisco 300-710 Online Practice Questions and Exam Preparation

Cisco 300-710 Online Questions & Answers

• Question 251:

  A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capture/CAPI/pcap/test.pcap. an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

  A. Disable the HTTPS server and use HTTP instead.
  B. Enable the HTTPS server for the device platform policy.
  C. Disable the proxy setting on the browser.
  D. Use the Cisco FTD IP address as the proxy server setting on the browser.
  B. Enable the HTTPS server for the device platform policy.

• Question 252:

  Which firewall design will allow it to forward traffic at layers 2 and 3 for the same subnet?

  A. routed mode
  B. Cisco Firepower Threat Defense mode
  C. transparent mode
  D. integrated routing and bridging
  D. integrated routing and bridging

• Question 253:

  Which two dynamic routing protocols are supported in Cisco FTD without using FlexConfig? (Choose two.)

  A. EIGRP
  B. OSPF
  C. static routing
  D. IS-IS
  E. BGP
  B. OSPF
  E. BGP

  ---

  https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660/fptd-fdm-routing.html

• Question 254:

  An engineer is working on a LAN switch and has noticed that its network connection to the inline Cisco IPS has gone down. Upon troubleshooting, it is determined that the switch is working as expected. What must have been implemented for this failure to occur?

  A. The upstream router has a misconfigured routing protocol.
  B. Link-state propagation is enabled.
  C. The Cisco IPS has been configured to be in fail-open mode.
  D. The Cisco IPS is configured in detection mode.
  B. Link-state propagation is enabled.

• Question 255:

  A network administrator reviews me attack risk report and notices several Low-Impact attacks. What does this type of attack indicate?

  A. All attacks are listed as low until manually categorized.
  B. The host is not vulnerable to those attacks.
  C. The attacks are not dangerous to the network.
  D. The host is not within the administrator's environment.
  B. The host is not vulnerable to those attacks.

  ---

  A low-impact attack indicates that the host is not vulnerable to those attacks. A low-impact attack is an attack that does not exploit any known vulnerability on the target host or does not match any signature or anomaly rule on the FTD device5. A low-impact attack does not mean that the attack is not dangerous to the network or that the host is not within the administrator's environment. It simply means that the attack did not succeed in compromising or affecting the host. The other options are incorrect because: All attacks are not listed as low until manually categorized. The FTD device automatically assigns an impact level to each attack based on various factors, such as vulnerability information, threat score, and confidence rating5. The impact level can be high, medium, or low, depending on how likely and how severe the attack is. The attacks are not necessarily harmless to the network. A low-impact attack may still cause some damage or disruption to the network, such as consuming bandwidth, generating noise, or distracting attention from other attacks6. A low-impact attack may also indicate that the attacker is probing or scanning the network for potential vulnerabilities or weaknesses7. The host is not necessarily outside the administrator's environment. A low-impact attack can target any host on the network, regardless of its location or ownership. A low-impact attack does not imply that the host is external or irrelevant to the administrator's environment.

• Question 256:

  With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

  A. inline set
  B. passive
  C. routed
  D. inline tap
  B. passive

  ---

  Explanation Explanation/Reference:In Cisco Firepower Threat Defense (FTD) software, the "passive" interface mode must be configured to passively receive traffic that passes through the appliance. When set to passive mode, the interface listens to the network traffic but does not actively participate in the network; it does not transmit any packets. This configuration is typically used for monitoring and logging purposes without impacting the flow of traffic.

• Question 257:

  A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire. How should this be implemented?

  A. Specify the BVl IP address as the default gateway for connected devices.
  B. Enable routing on the Cisco Firepower
  C. Add an IP address to the physical Cisco Firepower interfaces.
  D. Configure a bridge group in transparent mode.
  D. Configure a bridge group in transparent mode.

  ---

  Traditionally, a firewall is a routed hop and acts as a default gateway for hosts that connect to one of its screened subnets. A transparent firewall, on the other hand, is a Layer 2 firewall that acts like a "bump in the wire," or a "stealth firewall," and is not seen as a router hop to connected devices. However, like any other firewall, access control between interfaces is controlled, and all of the usual firewall checks are in place. Layer 2 connectivity is achieved by using a "bridge group" where you group together the inside and outside interfaces for a network, and the ASA uses bridging techniques to pass traffic between the interfaces. Each bridge group includes a Bridge Virtual Interface (BVI) to which you assign an IP address on the network. You can have multiple bridge groups for multiple networks. In transparent mode, these bridge groups cannot communicate with each other. https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/general/asa-97-general-config/intro-fw.html

• Question 258:

  Which limitation applies to Cisco FMC dashboards in a multi-domain environment?

  A. Child domains are able to view but not edit dashboards that originate from an ancestor domain.
  B. Child domains have access to only a limited set of widgets from ancestor domains.
  C. Only the administrator of the top ancestor domain is able to view dashboards.
  D. Child domains are not able to view dashboards that originate from an ancestor domain.
  D. Child domains are not able to view dashboards that originate from an ancestor domain.

  ---

  Explanation Explanation/Reference:https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Using_Dashboards.html

• Question 259:

  A network administrator is configuring a Cisco AMP public cloud instance and wants to capture infections and polymorphic variants of a threat to help detect families of malware. Which detection engine meets this requirement?

  A. Ethos
  B. Tetra
  C. RBAC
  D. Spero
  A. Ethos

• Question 260:

  The network administrator wants to enhance the network security posture by enabling machine learning tor malware detection due to a concern with suspicious Microsoft executable file types that were seen while creating monthly security reports for the CIO. Which feature must be enabled to accomplish this goal?

  A. Spero
  B. dynamic analysis
  C. static analysis
  D. Ethos
  A. Spero