300-745 Exam Details

  • Exam Code
    :300-745
  • Exam Name
    :Designing Cisco Security Infrastructure (300-745 SDSI) v1.0
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :75 Q&As
  • Last Updated
    :Jul 09, 2026

Cisco 300-745 Online Questions & Answers

  • Question 61:

    A company is moving a business application into multiple cloud environments. The architects want firewall enforcement close to each workload while keeping policy management consistent from a central place.

    Which design best meets this goal?

    A. Distributed firewall
    B. Host-based antivirus only
    C. Serial console server
    D. Static route summarization

  • Question 62:

    A furniture company recently discovered that the endpoint detection and response configuration flagged several malicious files on company-managed laptops.

    The company must enhance security to prevent known malicious files from being delivered to the network and endpoints.

    The new solution must enhance the company's ability to inspect and filter incoming traffic effectively.

    Which security product must be used to accomplish this goal?

    A. next-generation firewall
    B. traditional firewall
    C. host-based firewall
    D. eBPF

  • Question 63:

    A SOC receives alerts and logs from firewalls, endpoints, identity systems, and cloud services. Analysts need one platform to search events, correlate activity, and trigger rules across these sources.

    Which capability best supports this requirement?

    A. Security information and event management
    B. Application load balancing
    C. DHCP relay
    D. Packet shaping

  • Question 64:

    A developer company recently made a contract with new customer in the financial space. The customer has multiple remote sites and requires a VPN solution with the highest encryption.

    Which protocol must be used in IPsec Phase 2?

    A. ESP
    B. ISAKMP
    C. SD-WAN
    D. IKE

  • Question 65:

    Considering recent cybersecurity threats, a company wants to improve the process for identifying, assessing, and managing risks with a comprehensive and holistic approach.

    Which framework must be used to meet these requirements?

    A. HIPPA
    B. MITRE CAPEC
    C. NIST SP 800-37
    D. GDPR

  • Question 66:

    A critical vulnerability is announced for a network security appliance. Before the organization starts emergency change windows, the security team must determine whether the vulnerable product and affected version are present in the environment.

    What should the team do first?

    A. Patch every network device immediately.
    B. Compare the advisory against the asset inventory and installed versions.
    C. Disable all internet access until the advisory is closed.
    D. Notify users that maintenance may occur later.

  • Question 67:

    A logistics company wants to deploy an application in the cloud using cloud native techniques.

    The company must ensure that the development, testing, and production environments are as identical as possible with the lowest risk of the development and testing environments impacting production.

    Which solution must be used to accomplish the task?

    A. network access control list
    B. lambda functions
    C. separate cloud accounts
    D. service quotas

  • Question 68:

    Which tool is used to collect, analyze, and visualize logs from network devices, endpoints, and other sources in an enterprise?

    A. Cisco Email Security Appliance
    B. Cloud Observability
    C. Cisco Web Security Appliance
    D. Splunk

  • Question 69:

    Which tool is used by SOC analyst to quarantine an endpoint?

    A. flow collector
    B. syslog
    C. load balancer
    D. Cisco XDR

  • Question 70:

    Refer to the exhibit. A software developer noticed that the application source code had been found on the internet.

    To avoid such an incident from happening again, the developer applied a DLP policy to prevent from uploading source code into generative AI tool like ChatGPT.

    When testing the policy, the developer noticed that it is still possible for the source code to be uploaded.

    Which action must the developer take to prevent this issue?

    A. Enable the rule.
    B. Move the ChatGPT Source Code rule to the bottom.
    C. Modify the data classifications.
    D. Change the DLP action from Monitor to Block.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-745 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.