Pass CCNP Security 300-710 exam [Apr 11, 2024] Updated 279 Questions [Q17-Q32]

Pass CCNP Security 300-710 exam [Apr 11, 2024] Updated 279 Questions

Cisco 300-710 Actual Questions and 100% Cover Real Exam Questions

What Designation to Achieve Next?

After these certificates have been attained, candidates can then pursue more advanced expert-level certifications in the future such as the popular CCIE Security offered by the same vendor.

Cisco 300-710 exam is designed to test the skills and knowledge of security professionals seeking to specialize in securing networks with Cisco Firepower. Securing Networks with Cisco Firepower certification exam is part of the CCNP Security certification track and validates the ability of candidates to deploy, configure and manage Cisco Firepower Next-Generation Firewall (NGFW), including intrusion prevention, URL filtering, and network-based malware protection.

 

NEW QUESTION # 17
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

Answer:

Explanation:

NEW QUESTION # 18
Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC (Choose two).

• A. Once a device has been deleted, It must be reconfigured before it is re-added to the Cisco FMC.
• B. There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.
• C. An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the polices after registration is completed.
• D. Before re-adding the device In Cisco FMC, the manager must be added back.
• E. The Cisco FMC web interface prompts users to re-apply access control policies.

Answer: B,E

NEW QUESTION # 19
An engineer is troubleshooting HTTP traffic to a web server using the packet capture tool on Cisco FMC. When reviewing the captures, the engineer notices that there are a lot of packets that are not sourced from or destined to the web server being captured. How can the engineer reduce the strain of capturing packets for irrelevant traffic on the Cisco FTD device?

• A. Use an access-list within the packet capture to permit only HTTP traffic to and from the web server.
• B. Use the -c option to restrict the packet capture to only the first 100 packets.
• C. Use the host filter in the packet capture to capture traffic to or from a specific host.
• D. Redirect the packet capture output to a .pcap file that can be opened with Wireshark.

Answer: C

NEW QUESTION # 20
An administrator is attempting to remotely log into a switch in the data centre using SSH and is unable to connect. How does the administrator confirm that traffic is reaching the firewall?

• A. by performing a packet capture on the firewall.
• B. by attempting to access it from a different workstation.
• C. by running Wireshark on the administrator's PC
• D. by running a packet tracer on the firewall.

Answer: A

NEW QUESTION # 21
An engineer wants to add an additional Cisco FTD Version 6.2.3 device to their current 6.2.3 deployment to create a high availability pair.
The currently deployed Cisco FTD device is using local management and identical hardware including the available port density to enable the failover and stateful links required in a proper high availability deployment. Which action ensures that the environment is ready to pair the new Cisco FTD with the old one?

• A. Factory reset the current Cisco FTD so that it can synchronize configurations with the new Cisco FTD device.
• B. Ensure that the configured DNS servers match on the two devices for name resolution.
• C. Change from Cisco FDM management to Cisco FMC management on both devices and register them to FMC.
• D. Ensure that the two devices are assigned IP addresses from the 169 254.0.0/16 range for failover interfaces.

Answer: C

NEW QUESTION # 22
A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?

• A. The malware license has not been applied to the Cisco FTD.
• B. Only Spero file analysis is enabled.
• C. A file policy has not been applied to the access policy.
• D. The Cisco FMC cannot reach the Internet to analyze files.

Answer: B

NEW QUESTION # 23
Which action should be taken after editing an object that is used inside an access control policy?

• A. Delete the existing object in use.
• B. Refresh the Cisco FMC GUI for the access control policy.
• C. Create another rule using a different object name.
• D. Redeploy the updated configuration.

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/reusable_objects.html

NEW QUESTION # 24
A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows.
It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?

• A. failsafe
• B. bypass
• C. inline tap
• D. promiscuous

Answer: C

NEW QUESTION # 25
A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

• A. Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.
• B. Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.
• C. Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.
• D. Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

Answer: B

NEW QUESTION # 26
Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?

• A. base
• B. plus
• C. apex
• D. mobility

Answer: B

NEW QUESTION # 27
A security engineer is deploying a pair of primary and secondary Cisco FMC devices. The secondary must also receive updates from Cisco Talos. Which action achieves this goal?

• A. Configure the primary Cisco FMC so that the rules are updated.
• B. Manually import rule updates onto the secondary Cisco FMC device.
• C. Configure the secondary Cisco FMC so that it receives updates from Cisco Talos.
• D. Force failover for the secondary Cisco FMC to synchronize the rule updates from the primary.

Answer: A

NEW QUESTION # 28
Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

• A. show configuration session
• B. system generate-troubleshoot
• C. show managers
• D. show running-config | include manager

Answer: C

NEW QUESTION # 29
When using Cisco Threat Response, which phase of the Intelligence Cycle publishes the results of the investigation?

• A. processing
• B. dissemination
• C. analysis
• D. direction

Answer: B

Explanation:
Disseminate: The dissemination phase publishes the results of the investigation or threat hunt. This information is disseminated with a focus on the receivers of the information. At the tactical level, this information feeds back into the beginning of the F3EAD model, Find. Figure 3 illustrates the F3EAD model.

NEW QUESTION # 30
An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?

• A. Use a dedicated IPS inline set for each department to maintain traffic separation
• B. Use passive IDS ports for both departments
• C. Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation
• D. Use one pair of inline set in TAP mode for both departments

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

NEW QUESTION # 31
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

• A. No option to delete and re-add a device is available in the Cisco FMC web interface.
• B. Before re-adding the device in Cisco FMC, you must add the manager back in the device.
• C. No option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.
• D. An option to re-apply NAT and VPN policies during registration is available, so users do not need to re- apply the policies after registration is completed.
• E. The Cisco FMC web interface prompts users to re-apply access control policies.

Answer: C,E

NEW QUESTION # 32
......

Cisco 300-710 Real 2024 Braindumps Mock Exam Dumps: https://actualtests.crampdf.com/300-710-exam-prep-dumps.html