Cisco 300-710 Online Practice Questions and Exam Preparation

Cisco 300-710 Online Questions & Answers

• Question 291:

  An engineer must configure email notifications on Cisco Secure Firewall Management Center. TLS encryption must be used to protect the messages from unauthorized access. The engineer adds the IP address of the mail relay host and must set the port number. Which TCP port must the engineer use?

  A. 25
  B. 389
  C. 465
  D. 587
  C. 465

• Question 292:

  An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a copy of the original corporate policy is available if the primary Cisco FMC fails?

  A. Restore the primary Cisco FMC backup configuration to the secondary Cisco FMC device when the primary device fails.
  B. Connect the primary and secondary Cisco FMC devices with Category 6 cables of not more than 10 meters in length.
  C. Configure high-availability in both the primary and secondary Cisco FMCs.
  D. Place the active Cisco FMC device on the same trusted management network as the standby device.
  C. Configure high-availability in both the primary and secondary Cisco FMCs.

  ---

  https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/firepower_management_center_high_availability.html

• Question 293:

  Which Cisco Secure Endpoint policy is used only for monitoring endpoint activity?

  A. Windows domain controller
  B. audit
  C. triage
  D. protection
  B. audit

• Question 294:

  With Cisco FirePOWER Threat Defense software, which interface mode do you configure to passively receive traffic that passes the appliance?

  A. transparent
  B. routed
  C. passive
  D. inline set
  E. inline tap
  C. passive

• Question 295:

  A network administrator registered a new FTD to an existing FMC. The administrator cannot place the FTD in transparent mode. Which action enables transparent mode?

  A. Deregister the FTD device from FMC and configure transparent mode via the CLI.
  B. Obtain an FTD model that supports transparent mode.
  C. Add a Bridge Group Interface to the FTD before transparent mode is configured.
  D. Assign an IP address to two physical interfaces.
  A. Deregister the FTD device from FMC and configure transparent mode via the CLI.

• Question 296:

  An engineer must configure and generate a report in Cisco Secure Firewall Management Center. The report must allow for the addition of headers and footers, and it will contain many pages. Which format must the engineer configure the report to use?

  A. pdf
  B. xls
  C. xml
  D. doc
  A. pdf

  ---

  In Cisco Secure Firewall Management Center (FMC), reports can be generated in multiple formats, but PDF is the best choice when a report requires headers, footers, and a structured, paginated layout. PDF is well-suited for reports that contain many pages, as it preserves formatting across pages and allows for the inclusion of headers and footers. This format is commonly used for formal reporting, where the layout needs to be fixed and printable.

• Question 297:

  A security engineer must configure policies tor a recently deployed Cisco FTD. The security policy for the company dictates that when five or more connections from external sources are initiated within 2 minutes, there is cause for concern. Which type of policy must be configured in Cisco FMC \z generate an alert when this condition is triggered?

  A. application detector
  B. access control
  C. intrusion
  D. correlation
  D. correlation

  ---

  A correlation policy is a feature that allows you to respond in real time to threats or specific conditions on your network, using correlation rules. A correlation rule can trigger when the system generates a specific type of event, or when your network traffic deviates from its normal profile1. When a correlation rule triggers, the system generates a correlation event and can also launch a response, such as sending an alert, blocking an IP address, or scanning a host1. In this case, the security engineer can configure a correlation rule that triggers when the system detects five or more connections from external sources within 2 minutes. The engineer can also configure a response that sends an alert to the FMC or an email recipient when this condition is triggered. The engineer can then create a correlation policy that includes this rule and activate it on the FTD device1. The other options are incorrect because: An application detector is a feature that allows you to detect web applications, clients, and application protocols based on patterns in network traffic. An application detector does not generate alerts based on the number of connections from external sources2. An access control policy is a feature that allows you to control traffic flow through your network and inspect traffic for intrusions, malware, and files. An access control policy does not generate alerts based on the number of connections from external sources3. An intrusion policy is a feature that allows you to detect and prevent malicious network activity using Snort rules. An intrusion policy does not generate alerts based on the number of connections from external sources4.

• Question 298:

  After a network security breach, an engineer must strengthen the security of the corporate network. Upper management must be regularly updated with a high-level overview of any occurring network threats. Which access must the engineer provide upper management to view the required data from Cisco Secure Firewall Management Center?

  A. Analysis > Status with a sliding time window of one day
  B. Events by priority and classification and set a sliding time window of one day
  C. Reports with a daily recurring task that generates based on the network risk report template
  D. Security Intelligence Statistics dashboard set to Show the Last option to one day
  A. Analysis > Status with a sliding time window of one day

• Question 299:

  A company wants a solution to aggregate the capacity of two Cisco FTD devices to make the best use of resources such as bandwidth and connections per second. Which order of steps must be taken across the Cisco FTDs with Cisco FMC to meet this requirement?

  A. Add members to the Cisco FMC, configure Cisco FTD interfaces, create the cluster in Cisco FMC, and configure cluster members in Cisco FMC
  B. Add members to Cisco FMC, configure Cisco FTD interfaces in Cisco FMC, configure cluster members in Cisco FMC, create cluster in Cisco FMC, and configure cluster members in Cisco FMC
  C. Configure the Cisco FTD interfaces, add members to FMC, configure cluster members in FMC, and create cluster in Cisco FMC
  D. Configure the Cisco FTD interfaces and cluster members, add members to Cisco FMC, and create the cluster in Cisco FMC
  D. Configure the Cisco FTD interfaces and cluster members, add members to Cisco FMC, and create the cluster in Cisco FMC

• Question 300:

  An administrator is setting up Cisco FirePower to send data to the Cisco Stealthwatch appliances. The NetFlow_Set_Parameters objet is already created, but NetFlow is not being sent to the flow collector. What must be done to prevent this from occurring?

  A. Create a service identifier to enable the NetFlow service.
  B. Add the NetFlow_Send_Destination object to the configuration.
  C. Create a Security Intelligence object to send the data to Cisco Stealthwatch.
  D. Add the NetFlow_Add_Destination object to the configuration.
  D. Add the NetFlow_Add_Destination object to the configuration.

  ---

  Explanation Explanation/Reference:Cisco Firepower uses FlexConfig objects to send NetFlow data. Here's the key point: NetFlow_Set_Parameters object: Defines the parameters of the NetFlow data being exported (e.g., version, sampling rate). NetFlow_Add_Destination object: Specifies the IP address and port of the flow collector (in this case, your Cisco Stealthwatch appliance) where the NetFlow data should be sent.