The administrator notices that there is malware present with an .exe extension and needs to verify if any of the systems on the network are running the executable file. What must be configured within Cisco AMP for Endpoints to show this data?
A. vulnerable software
B. file analysis
C. threat root cause
D. prevalence
Which Cisco AMP for Endpoints policy is used only for monitoring endpoint activity?
A. Windows domain controller
B. audit
C. triage
D. protection
An analyst using the security analyst account permissions is trying to view the Correlations Events Widget but is not able to access it. However, other dashboards are accessible. Why is this occurring?
A. The widget is configured to display only when active events are present
B. The security analyst role does not have permission to view this widget
C. An API restriction within the Cisco FMC is preventing the widget from displaying
D. The widget is not configured within the Cisco FMC
An engineer is troubleshooting connectivity to the DNS servers from hosts behind a new Cisco FTD device. The hosts cannot send DNS queries to servers in the DMZ. Which action should the engineer take to troubleshoot this issue using the real DNS packets?
A. Use the packet capture tool to check where the traffic is being blocked and adjust the access control or intrusion policy as needed
B. Use the Connection Events dashboard to check the block reason and adjust the inspection policy as needed
C. Use the packet tracer tool to determine at which hop the packet is being dropped
D. Use the show blocks command in the Threat Defense CLI tool and create a policy to allow the blocked traffic
An engineer must configure a Cisco FMC dashboard in a child domain. Which action must be taken so that the dashboard is visible to the parent domain?
A. Adjust policy inheritance settings
B. Add a separate widget
C. Create a copy of the dashboard
D. Add a separate tab
An analyst is investigating a potentially compromised endpoint within the network and pulls a host report for the endpoint in question to collect metrics and documentation. What information should be taken from this report for the investigation?
A. client applications by user, web applications, and user connections
B. number of attacked machines, sources of the attack, and traffic patterns
C. threat detections over time and application protocols transferring malware
D. intrusion events, host connections, and user sessions
An engineer must investigate a connectivity issue and decides to use the packet capture feature on Cisco FTD. The goal is to see the real packet going through the Cisco FTD device and see Snort detection actions as a part of the output. After the capture-traffic command is issued, only the packets are displayed. Which action resolves this issue?
A. Specify the trace using the -T option after the capture-traffic command
B. Perform the trace within the Cisco FMC GUI instead of the Cisco FMC CLI
C. Use the verbose option as a part of the capture-traffic command
D. Use the capture command and specify the trace option to get the required information
A network engineer is tasked with minimizing traffic interruption during peak traffic times. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate this issue?
A. Enable IPS inline link state propagation
B. Enable Pre-filter policies before the SNORT engine failure
C. Set a Trust ALL access control policy
D. Enable Automatic Application Bypass
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://
A. Disable the proxy setting on the browser
B. Disable the HTTPS server and use HTTP instead
C. Disable the HTTPS server and use HTTP instead
D. Enable the HTTPS server for the device platform policy
Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC? (Choose two.)
A. An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the policies after registration is completed.
B. Before re-adding the device in Cisco FMC, the manager must be added back.
C. Once a device has been deleted, it must be reconfigured before it is re-added to the Cisco FMC.
D. The Cisco FMC web interface prompts users to re-apply access control policies.
E. There is no option to re-apply NAT and VPN policies during registration available, so users need to re-apply the policies after registration is completed.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-710 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.