Pass 300-710 SNCF in Just 3 Days – Stress-Free!
Get your 300-710 Securing Networks with Cisco Firepower certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
Question 261
A network administrator reviews the attack risk report and notices several low-impact attacks. What does this type of attack indicate?
- A. All attacks are listed as low until manually recategorized.
- B. The host is not vulnerable to those attacks.
- C. The host is not within the administrator’s environment.
- D. The attacks are not dangerous to the network.
Correct Answer: D
Question 262
What is a limitation to consider when running a dynamic routing protocol on a Cisco Secure Firewall Threat Defense device in IRB mode?
- A. Only link-state routing protocols are supported.
- B. Only nonbridge interfaces are supported.
- C. Only EtherChannel interfaces are supported.
- D. Only distance vector routing protocols are supported.
Correct Answer: B
Question 263
An engineer is configuring URL filtering for a Cisco FTD device in Cisco FMC. Users must receive a warning when they access http://www.badadultsite.com with the option of continuing to the website if they choose to. No other websites should be blocked. Which two actions must the engineer take to meet these requirements? (Choose two.)
- A. On the HTTP Responses tab of the access control policy editor, set the Interactive Block Response Page to System-provided.
- B. Configure the default action for the access control policy to Interactive Block.
- C. Configure an access control rule that matches an URL object for http://www.badadultsite.com/ and set the action to Interactive Block.
- D. Configure an access control rule that matches the Adult URL category and set the action to Interactive Block.
- E. On the HTTP Responses tab of the access control policy editor, set the Block Response Page to Custom.
Correct Answer: A, C
Question 264
The security engineer reviews the syslog server events of an organization and sees many outbound connections to malicious sites initiated from hosts running Cisco Secure Endpoint. The hosts are on a separate network from the Cisco FTD device. Which action blocks the connections?
- A. Modify the policy on Cisco Secure Endpoint to enable DFC.
- B. Modify the access control policy on the Cisco FMC to block malicious outbound connections.
- C. Add the IP addresses of the malicious sites to the access control policy on the Cisco FMC.
- D. Add a Cisco Secure Endpoint policy with the Tetra and Spero engines enabled.
Correct Answer: C
Question 265
An engineer has been tasked with performing an audit of network objects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense, Cisco Secure Firewall ASA, and Meraki MX Series) deployed throughout the company. Which tool will assist the engineer in performing that audit?
- A. Cisco Firepower Device Manager
- B. Cisco Defense Orchestrator
- C. Cisco Secure Firewall Management Center
- D. Cisco SecureX
Correct Answer: B
Question 266
A network engineer is deploying a pair of Cisco Secure Firewall Threat Defense devices managed by Cisco Secure Firewall Management Center for High Availability. Internet access is a high priority for the business and therefore they have invested in internet circuits from two different ISPs. The requirement from the customer is that internet access must be available to their users even if one of the ISPs is down. Which two features must be deployed to achieve this requirement? (Choose two.)
- A. Route Tracking
- B. Redundant interfaces
- C. EtherChannel interfaces
- D. SLA Monitor
- E. BGP
Correct Answer: A, D
Question 267
A network engineer is planning on replacing an Active/Standby pair of physical Cisco Secure Firewall ASAs with a pair of Cisco Secure Firewall Threat Defense Virtual appliances. Which two virtual environments support the current High Availability configuration? (Choose two.)
- A. ESXi
- B. Azure
- C. Openstack
- D. KVM
- E. AWS
Correct Answer: A, D
Question 268
A company is deploying AMP private cloud. The AMP private cloud instance has already been deployed by the server administrator. The server administrator provided the hostname of the private cloud instance to the network engineer via email. What additional information does the network engineer require from the server administrator to be able to make the connection to the AMP private cloud in Cisco FMC?
- A. IP address and port number for the connection proxy
- B. SSL certificate for the AMP private cloud instance
- C. Username and password to the AMP private cloud instance
- D. Internet access for the AMP private cloud to reach the AMP public cloud
Correct Answer: A
Question 269
A security engineer is deploying Cisco Secure Endpoint to detect a zero day malware attack with an SHA-256 hash of 47ea931f3e9dc23ec0b0885a80663e30ea013d493f8e88224b570a0464084628. What must be configured in Cisco Secure Endpoint to enable the application to take action based on this hash?
- A. Access control rule
- B. Correlation policy
- C. Transform set
- D. Custom detection list
Correct Answer: D
Question 270
A security engineer must create a malware and file policy on a Cisco Secure Firewall Threat Defense device. The solution must ensure that PDF, DOCX, and XLSX files are not sent to Cisco Secure Malware Analytics. What must be configured to meet the requirements?
- A. Spero analysis
- B. Local malware analysis
- C. Capacity handling
- D. Dynamic analysis
Correct Answer: B