Cisco 300-710 Online Practice Questions and Exam Preparation

Cisco 300-710 Online Questions & Answers

• Question 371:

  An administrator is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of NAT001 and a password of Cisco0123456789. The private IP address of the FMC server is 192.168.45.45, which is being translated to the public IP address of 209.165.200.225/27. Which command set must be used in order to accomplish this task?

  A. configure manager add 209.165.200.225 255.255.255.224
  B. configure manager add 209.165.200.225
  C. configure manager add 209.165.200.225/27
  D. configure manager add 192.168.45.45
  B. configure manager add 209.165.200.225

• Question 372:

  Which Cisco AMP for Endpoints policy is used only for monitoring endpoint activity?

  A. Windows domain controller
  B. audit
  C. triage
  D. protection
  B. audit

  ---

  https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/214933-amp-for-endpoints-deployment-methodology.html

• Question 373:

  Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

  A. Redundant Interface
  B. EtherChannel
  C. Speed
  D. Media Type
  E. Duplex
  C. Speed
  E. Duplex

  ---

  Explanation Explanation/Reference:https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-interfaces.html

• Question 374:

  A network administrator has converted a Cisco FTD from using LDAP to LDAPS for VPN authentication. The Cisco FMC can connect to the LDAPS server, but the Cisco FTD is not connecting. Which configuration must be enabled on the Cisco FTD?

  A. The LDAPS must be allowed through the access control policy.
  B. The RADIUS server must be defined.
  C. SSL must be set to a use TLSv1.2 or lower.
  D. DNS servers must be defined for name resolution.
  A. The LDAPS must be allowed through the access control policy.

• Question 375:

  How many report templates does the Cisco Firepower Management Center support?

  A. 20
  B. 10
  C. 5
  D. unlimited
  D. unlimited

  ---

  https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Working_with_Reports.html

• Question 376:

  What are the minimum requirements to deploy a managed device inline?

  A. inline interfaces, security zones, MTU, and mode
  B. passive interface, MTU, and mode
  C. inline interfaces, MTU, and mode
  D. passive interface, security zone, MTU, and mode
  C. inline interfaces, MTU, and mode

  ---

  Explanation Explanation/Reference:"minimum requirements" The answer is C: Inline interface, MTU and Mode Security zone is optional https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/ips_device_deployments_and_configuration.html

• Question 377:

  A network engineer must provide redundancy between two Cisco FTD devices. The redundancy configuration must include automatic configuration, translation, and connection updates. After the initial configuration of the two appliances, which two steps must be taken to proceed with the redundancy configuration? (Choose two.)

  A. Configure the virtual MAC address on the failover link.
  B. Configure the failover link with stateful properties.
  C. Disable hellos on the inside interface.
  D. Ensure the high availability license is enabled.
  E. Configure the standby IP addresses.
  A. Configure the virtual MAC address on the failover link.
  E. Configure the standby IP addresses.

• Question 378:

  An engineer must configure a Cisco FMC dashboard in a child domain. Which action must be taken so that the dashboard is visible to the parent domain?

  A. Adjust policy inheritance settings
  B. Add a separate widget
  C. Create a copy of the dashboard
  D. Add a separate tab
  C. Create a copy of the dashboard

• Question 379:

  A network administrator is configuring an instance of Cisco Secure Firewall Threat Defense, which is registered to Cisco Secure Firewall Management Center, to prevent internal users from downloading executable files from the internet. What must be created and configured by the administrator to meet the requirement?

  A. Access policy rule that allows users to reach the internet and assigns a file policy that blocks executable downloads to the rule.
  B. File policy that blocks downloads of all executable files and applies the file policy to the default action in the access policy.
  C. File policy rule that allows users to reach the internet with a second rule applied that blocks application use of FTP.
  D. Access policy rule that allows users to reach the internet with a second rule that blocks application executables.
  A. Access policy rule that allows users to reach the internet and assigns a file policy that blocks executable downloads to the rule.

• Question 380:

  With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?

  A. ERSPAN
  B. firewall
  C. tap
  D. IPS-only
  C. tap

  ---

  In Cisco Firepower Threat Defense (FTD) software, configuring an interface in "tap" mode is necessary to passively receive traffic that passes through the appliance. Tap mode allows the interface to act as a passive listening device, monitoring traffic between other devices without interfering or altering the traffic flow. This mode is used primarily for intrusion detection and monitoring purposes, enabling the appliance to analyze traffic for potential threats or anomalies while maintaining the integrity of the network's operational status.