Pass 300-710 SNCF in Just 3 Days – Stress-Free!
Get your 300-710 Securing Networks with Cisco Firepower certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
Question 181
An engineer is troubleshooting connectivity to the DNS servers from hosts behind a new Cisco FTD device. The hosts cannot send DNS queries to servers in the DMZ. Which action should the engineer take to troubleshoot this issue using the real DNS packets?
- A. Use the packet capture tool to check where the traffic is being blocked and adjust the access control or intrusion policy as needed.
- B. Use the Connection Events dashboard to check the block reason and adjust the inspection policy as needed.
- C. Use the packet tracer tool to determine at which hop the packet is being dropped.
- D. Use the show blocks command in the Threat Defense CLI tool and create a policy to allow the blocked traffic.
Correct Answer: A
Question 182
An engineer must configure a Cisco FMC dashboard in a child domain. Which action must be taken so that the dashboard is visible to the parent domain?
- A. Adjust policy inheritance settings.
- B. Add a separate widget.
- C. Create a copy of the dashboard.
- D. Add a separate tab.
Correct Answer: C
Question 183
A network engineer sets up a secondary Cisco FMC that is integrated with Cisco Security Packet Analyzer. What occurs when the secondary Cisco FMC synchronizes with the primary Cisco FMC?
- A. The existing configuration for integration of the secondary Cisco FMC with Cisco Security Packet Analyzer is overwritten.
- B. The synchronization between the primary and secondary Cisco FMC fails.
- C. The existing integration configuration is replicated to the primary Cisco FMC.
- D. The secondary Cisco FMC must be reintegrated with Cisco Security Packet Analyzer after the synchronization.
Correct Answer: C
Question 184
An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-to-peer applications are being used on the network and they must identify which poses the greatest risk to the environment. Which report gives the analyst this information?
- A. User Risk Report
- B. Advanced Malware Risk Report
- C. Attacks Risk Report
- D. Network Risk Report
Correct Answer: D
Question 185
An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering. What must be done to troubleshoot the issue and restore access without sacrificing the organization’s security posture?
- A. Download a PCAP of the traffic attempts to verify the blocks and use the flexconfig objects to create a rule that allows only the required traffic to the destination server.
- B. Identify the blocked traffic in the Cisco FMC connection events to validate the block, and modify the policy to allow the traffic to the web server.
- C. Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.
- D. Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.
Correct Answer: B
Question 186
An engineer is reviewing a ticket that requests to allow traffic for some devices that must connect to a server over 8699/udp. The request mentions only one IP address, 172.16.18.15, but the requestor asked for the engineer to open the port for all machines that have been trying to connect to it over the last week. Which action must the engineer take to troubleshoot this issue?
- A. Use the context explorer to see the application blocks by protocol.
- B. Filter the connection events by the source port 8699/udp.
- C. Filter the connection events by the destination port 8699/udp.
- D. Use the context explorer to see the destination port blocks.
Correct Answer: C
Question 187
While integrating Cisco Umbrella with Cisco Threat Response, a network security engineer wants to automatically push blocking of domains from the Cisco Threat Response interface to Cisco Umbrella. Which API meets this requirement?
- A. investigate
- B. REST
- C. reporting
- D. enforcement
Correct Answer: D
Question 188
An engineer is working on a LAN switch and has noticed that its network connection to the inline Cisco IPS has gone down. Upon troubleshooting, it is determined that the switch is working as expected. What must have been implemented for this failure to occur?
- A. The upstream router has a misconfigured routing protocol.
- B. Link-state propagation is enabled.
- C. The Cisco IPS has been configured to be in fail-open mode.
- D. The Cisco IPS is configured in detection mode.
Correct Answer: B
Question 189
An engineer runs the command restore remote-manager-backup location 2.2.2.2 admin/Volume/home/admin FTD411247145.zip on a Cisco FMC. After connecting to the repository, the Cisco FTD device is unable to accept the backup file. What is the reason for this failure?
- A. The wrong IP address is used.
- B. The directory location is incorrect.
- C. The backup file is not in .cfg format.
- D. The backup file extension was changed from .tar to .zip.
Correct Answer: D
Question 190
The CIO asks a network administrator to present to management a dashboard that shows custom analysis tables for the top DNS queries URL category statistics, and the URL reputation statistics. Which action must the administrator take to quickly produce this information for management?
- A. Run the Attack report and filter on DNS to show this information.
- B. Create a new dashboard and add three custom analysis widgets that specify the tables needed.
- C. Modify the Connection Events dashboard to display the information in a view for management.
- D. Copy the intrusion events dashboard tab and modify each widget to show the correct charts.
Correct Answer: B