Cisco 300-710 Securing Networks with Cisco Firepower (SNCF) Exam Free Dumps | 100% Free, Complete

Question 111

A network connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device. While troubleshooting, a network administrator sees that traffic is reaching the server, but the client is not getting a response. Which step must be taken to resolve this issue without initiating traffic from the client?

• A. Use packet-tracer to ensure that traffic is not being blocked by an access list.
• B. Use packet capture to ensure that traffic is not being blocked by an access list.
• C. Use packet capture to validate that the packet passes through the firewall and is NATed to the correct IP address.
• D. Use packet-tracer to validate that the packet passes through the firewall and is NATed to the correct IP address.

Correct Answer: D

Question 112

A VPN user is unable to connect to web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS response are not getting through the Cisco FTD. What must be done to address this issue while still utilizing Snort IPS rules?

• A. Uncheck the “Drop when Inline” box in the intrusion policy to allow the traffic.
• B. Modify the Snort rules to allow legitimate DNS traffic to the VPN users.
• C. Disable the intrusion rule thresholds to optimize the Snort processing.
• D. Decrypt the packet after the VPN flow so the DNS queries are not inspected.

Correct Answer: B

Question 113

An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /Volume/home/admin BACKUP_Cisc394602314.zip on a Cisco FMC. After connecting to the repository, an error occurred that prevents the FTD device from accepting the backup file. What is the problem?

• A. The backup file is not in .cfg format.
• B. The backup file is too large for the Cisco FTD device.
• C. The backup file extension was changed from .tar to .zip.
• D. The backup file was not enabled prior to being applied.

Correct Answer: C

Reference

Question 114

An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity. When traffic is received by the Cisco IPS, if it is not dropped, how does the traffic get to its destination?

• A. It is retransmitted from the Cisco IPS inline set.
• B. The packets are duplicated and a copy is sent to the destination.
• C. It is transmitted out of the Cisco IPS outside interface.
• D. It is routed back to the Cisco ASA interfaces for transmission.

Correct Answer: C

Question 115

An engineer is investigating connectivity problems on Cisco Firepower that is using service group tags. Specific devices are not being tagged correctly, which is preventing clients from using the proper policies when going through the firewall. How is this issue resolved?

• A. Use traceroute with advanced options.
• B. Use Wireshark with an IP subnet filter.
• C. Use a packet capture with match criteria.
• D. Use a packet sniffer with correct filtering.

Correct Answer: C

Question 116

An organization must be able to ingest NetFlow traffic from their Cisco FTD device to Cisco Stealthwatch for behavioral analysis. What must be configured on the Cisco FTD to meet this requirement?

• A. Flexconfig object for NetFlow.
• B. Interface object to export NetFlow.
• C. Security intelligence object for NetFlow.
• D. Variable set object for NetFlow.

Correct Answer: B

Question 117

An engineer must build redundancy into the network and traffic must continuously flow if a redundant switch in front of the firewall goes down. What must be configured to accomplish this task?

• A. Redundant interfaces on the firewall cluster mode and switches.
• B. Redundant interfaces on the firewall non-cluster mode and switches.
• C. vPC on the switches to the interface mode on the firewall cluster.
• D. vPC on the switches to the span EtherChannel on the firewall cluster.

Correct Answer: D

Question 118

A network administrator notices that inspection has been interrupted on all non-managed interfaces of a device. What is the cause of this?

• A. The value of the highest MTU assigned to any non-management interface was changed.
• B. The value of the highest MSS assigned to any non-management interface was changed.
• C. A passive interface was associated with a security zone.
• D. Multiple inline interface pairs were added to the same inline interface.

Correct Answer: D

Question 119

A network administrator needs to create a policy on Cisco Firepower to fast-path traffic to avoid Layer 7 inspection. The rate at which traffic is inspected must be optimized. What must be done to achieve this goal?

• A. Enable the FXOS for multi-instance.
• B. Configure a prefilter policy.
• C. Configure modular policy framework.
• D. Disable TCP inspection.

Correct Answer: B

Question 120

A network engineer is tasked with minimizing traffic interruption during peak traffic times. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate this issue?

• A. Enable IPS inline link state propagation.
• B. Enable Pre-filter policies before the SNORT engine failure.
• C. Set a Trust ALL access control policy.
• D. Enable Automatic Application Bypass.

Correct Answer: D