300-710 Exam - Securing Networks with Cisco Firepower (SNCF)

NEW QUESTION 1
How many report templates does the Cisco Firepower Management Center support?

• A. 20
• B. 10
• C. 5
• D. unlimited

Answer: D

NEW QUESTION 2
What is a behavior of a Cisco FMC database purge?

• A. User login and history data are removed from the database if the User Activity check box is selected.
• B. Data can be recovered from the device.
• C. The appropriate process is restarted.
• D. The specified data is removed from Cisco FMC and kept for two weeks.

Answer: C

NEW QUESTION 3
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?

• A. show running-config
• B. show tech-support chassis
• C. system support diagnostic-cli
• D. sudo sf_troubleshoot.pl

Answer: D

Explanation:
41 Which CLI command is used to control special handling of ClientHello messages?
A. system support ssl-client-hello-tuning
B. system support ssl-client-hello-display
C. system support ssl-client-hello-force-reset
D. system support ssl-client-hello-enabled

NEW QUESTION 4
Which two packet captures does the FTD LINA engine support? (Choose two.)

• A. Layer 7 network ID
• B. source IP
• C. application ID
• D. dynamic firewall importing
• E. protocol

Answer: BE

NEW QUESTION 5
Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

• A. dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.
• B. reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists
• C. network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country
• D. network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country
• E. reputation-based objects, such as URL categories

Answer: BC

NEW QUESTION 6
Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?

• A. Child domains can view but not edit dashboards that originate from an ancestor domain.
• B. Child domains have access to only a limited set of widgets from ancestor domains.
• C. Only the administrator of the top ancestor domain can view dashboards.
• D. Child domains cannot view dashboards that originate from an ancestor domain.

Answer: D

NEW QUESTION 7
When do you need the file-size command option during troubleshooting with packet capture?

• A. when capture packets are less than 16 MB
• B. when capture packets are restricted from the secondary memory
• C. when capture packets exceed 10 GB
• D. when capture packets exceed 32 MB

Answer: D

NEW QUESTION 8
In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

• A. unavailable
• B. unknown
• C. clean
• D. disconnected

Answer: A

NEW QUESTION 9
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

• A. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
• B. The system performs intrusion inspection followed by file inspection.
• C. They can block traffic based on Security Intelligence data.
• D. File policies use an associated variable set to perform intrusion prevention.
• E. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

Answer: AC

NEW QUESTION 10
Which action should be taken after editing an object that is used inside an access control policy?

• A. Delete the existing object in use.
• B. Refresh the Cisco FMC GUI for the access control policy.
• C. Redeploy the updated configuration.
• D. Create another rule using a different object name.

Answer: C

NEW QUESTION 11
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

• A. configure coredump packet-engine enable
• B. capture-traffic
• C. capture
• D. capture WORD

Answer: B

NEW QUESTION 12
Which object type supports object overrides?

• A. time range
• B. security group tag
• C. network object
• D. DNS server group

Answer: C

NEW QUESTION 13
Which protocol establishes network redundancy in a switched Firepower device deployment?

• A. STP
• B. HSRP
• C. GLBP
• D. VRRP

Answer: A

NEW QUESTION 14
Which command-line mode is supported from the Cisco Firepower Management Center CLI?

• A. privileged
• B. user
• C. configuration
• D. admin

Answer: C

NEW QUESTION 15
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

• A. The units must be the same version
• B. Both devices can be part of a different group that must be in the same domain when configured within the FMC.
• C. The units must be different models if they are part of the same series.
• D. The units must be configured only for firewall routed mode.
• E. The units must be the same model.

Answer: AE

NEW QUESTION 16
Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)

• A. EIGRP
• B. OSPF
• C. static routing
• D. IS-IS
• E. BGP

Answer: CE

NEW QUESTION 17
Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)

• A. OSPFv2 with IPv6 capabilities
• B. virtual links
• C. SHA authentication to OSPF packets
• D. area boundary router type 1 LSA filtering
• E. MD5 authentication to OSPF packets

Answer: BD

NEW QUESTION 18
Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

• A. system support firewall-engine-debug
• B. system support ssl-debug
• C. system support platform
• D. system support dump-table

Answer: A

NEW QUESTION 19
Which interface type allows packets to be dropped?

• A. passive
• B. inline
• C. ERSPAN
• D. TAP

Answer: B

NEW QUESTION 20
With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

• A. inline set
• B. passive
• C. routed
• D. inline tap

Answer: B

NEW QUESTION 21
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

• A. rate-limiting
• B. suspending
• C. correlation
• D. thresholding

Answer: D

NEW QUESTION 22
After deploying a network-monitoring tool to manage and monitor networking devices in your organization, you realize that you need to manually upload an MIB for the Cisco FMC. In which folder should you upload the MIB file?

• A. /etc/sf/DCMIB.ALERT
• B. /sf/etc/DCEALERT.MIB
• C. /etc/sf/DCEALERT.MIB
• D. system/etc/DCEALERT.MIB

Answer: C

NEW QUESTION 23
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

• A. The rate-limiting rule is disabled.
• B. Matching traffic is not rate limited.
• C. The system rate-limits all traffic.
• D. The system repeatedly generates warnings.

Answer: B

NEW QUESTION 24
Which Cisco Firepower rule action displays an HTTP warning page?

• A. Monitor
• B. Block
• C. Interactive Block
• D. Allow with Warning

Answer: C

NEW QUESTION 25
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

• A. dynamic null route configured
• B. DHCP pool disablement
• C. quarantine
• D. port shutdown
• E. host shutdown

Answer: CD

NEW QUESTION 26
......