300-745 Exam Details

  • Exam Code
    :300-745
  • Exam Name
    :Designing Cisco Security Infrastructure (300-745 SDSI) v1.0
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :75 Q&As
  • Last Updated
    :Jul 09, 2026

Cisco 300-745 Online Questions & Answers

  • Question 21:

    A legal services company wants to prevent remote employees from accessing personal email and social media accounts while using corporate laptops.

    Which security solution enforces the policy?

    A. Cisco TrustSec
    B. RADIUS server
    C. Cisco Umbrella
    D. network monitoring tool

  • Question 22:

    An IT company experienced the spread of malicious content between user endpoints, which impacted business critical resources. The company wants to implement a solution to control communication between individual endpoints on the network.

    Which approach achieves the goal?

    A. RADIUS
    B. TrustSec
    C. posture
    D. profiling

  • Question 23:

    A network operations group manages firewalls, VPN gateways, and identity systems. The security architect must ensure that administrators can perform only the actions required for their job duties.

    Which design control should be used?

    A. Role-based access control
    B. NAT overload
    C. GRE tunneling
    D. Web application firewall

  • Question 24:

    A security architect is designing controls for a Kubernetes application. Several microservices run in separate namespaces, and only specific services should be allowed to communicate with each other based on labels.

    Which control should be included in the design?

    A. Kubernetes network policies
    B. A public cloud load balancer
    C. DNS forwarding rules
    D. Object storage encryption

  • Question 25:

    After a recent security breach, a financial company is reassessing their overall security posture and strategy to better protect sensitive data and resources. The company already deployed on-premises next-generation firewalls at the network edge for each branch location.

    Security measures must be enhanced at the endpoint level. The goal is to implement a solution that provides additional traffic filtering directly on endpoint devices, thereby offering another layer of defense against potential threats.

    Which technology must be implemented to meet the requirement?

    A. host-based firewall
    B. web application firewall
    C. distributed firewall
    D. traditional firewall

  • Question 26:

    How does a SOC leverage flow collectors?

    A. It performs data backup and recovery.
    B. It performs load balancing capabilities across systems to optimize performance.
    C. It provides data for analysis in threat detection and response system.
    D. It provides real time content filtering.

  • Question 27:

    A restaurant distribution center recently suffered a password spray attack targeting the Cisco Secure Firepower Threat Defense VPN headend.

    The attack attempts to gain unauthorized access by trying common passwords across many accounts. The attack poses a significant security threat to the organization's remote access infrastructure.

    To enhance the security of VPN setup and minimize the risk of similar attacks in the future, the IT security team must implement effective mitigation measures.

    Which technique effectively reduces the risk of this type of attack?

    A. Implement an access list to block addresses from the previous password spray attack.
    B. Disable group aliases in the connection profiles.
    C. Change the AAA authentication method from RADIUS to TACACS+.
    D. Enable AAA authentication for the DefaultWEBVPN and DefaultRAGroup Connection Profiles.

  • Question 28:

    A company hosted multiple applications in the Kubernetes environment, using the naming app01, app02, and so on. An app01 user could access app02 data because no security measures are implemented.

    The administrator decided to place each application within a separate namespace and ensure that the namespaces are completely isolated and cannot communicate with each other.

    Which solution must be used to accomplish the task?

    A. HTTPRoute
    B. RoleBinding
    C. NetworkPolicy
    D. Gateway

  • Question 29:

    What does watermarking AI generated content prevent?

    A. massive resource consumption
    B. deep fakes
    C. harmful content
    D. scale changes

  • Question 30:

    A technology company has many remote workers who access corporate resources from various locations.

    The company must ensure that security policies are managed and enforced directly on endpoints, and endpoints are protected from threats regardless of location.

    Which firewall architecture meets the requirements?

    A. next-generation firewall
    B. host-based firewall
    C. web application firewall
    D. traditional firewall

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-745 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.