Pass 300-710 SNCF in Just 3 Days – Stress-Free!
Get your 300-710 Securing Networks with Cisco Firepower certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
Question 291
An engineer is configuring a Cisco Secure Firewall Threat Defense device and wants to create a new intrusion rule based on the detection of a specific pattern in the data payload for a new zero-day exploit. Which keyword type must be used to add a line that identifies the author of the rule and the date it was created?
- A. gtp_info
- B. metadata
- C. reference
- D. content
Correct Answer: B
Question 292
What is the role of realms in the Cisco ISE and Cisco FMC integration?
- A. Cisco Secure Firewall VDC
- B. Cisco ISE context
- C. TACACS+ database
- D. AD definition
Correct Answer: D
Question 293
A network engineer must configure IPS mode on a Secure Firewall Threat Defense device to inspect traffic and act as an IDS. The engineer already configured the passive-interface on the Secure Firewall Threat Defense device and SPAN on the switch. What must be configured next by the engineer?
- A. Intrusion policy on the Secure Firewall Threat Defense device
- B. Active SPAN port on the switch
- C. DHCP on the switch
- D. Active interface on the Secure Firewall Threat Defense device
Correct Answer: D
Question 294
A software development company hosts the website https://dev.company.com for contractors to share code for projects they are working on with internal developers. The web server is on premises and is protected by a Cisco Secure Firewall Threat Defense appliance. The network administrator is worried about someone trying to transmit infected files to internal users via this site. Which type of policy must be associated with an access control policy to enable Cisco Secure Firewall Malware Defense to detect and block malware?
- A. SSL policy
- B. File policy
- C. Network discovery policy
- D. Prefilter policy
Correct Answer: D
Question 295
A network engineer must configure an existing firewall to have a NAT configuration. The new configuration must support more than two interfaces per context. The firewall has previously been operating in transparent mode. The Cisco Secure Firewall Threat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?
- A. Run the configure firewall routed command from the Secure FTD device CLI and reregister with Secure FMC.
- B. Run the configure manager add routed command from the Secure FMC CLI. and reregister with Secure FMC.
- C. Run the configure manager add routed command from the Secure FTD device CLI, and reregister with Secure FMC.
- D. Run the configure firewall routed command from the Secure FMC CLI. and reregister with Secure FMC.
Correct Answer: A
Question 296
A security engineer manages a firewall console and an endpoint console and finds it challenging and time-consuming to review events and modify blocking of specific files in both consoles. Which action must the engineer take to streamline this process?
- A. Within the Cisco Secure Endpoint console, copy the connector GUID and paste into the Cisco Secure Firewall Management Center (FMC) AMP tab.
- B. From the Cisco Secure Endpoint console, create and copy an API key and paste into the Cisco Secure AMP tab.
- C. From the Secure FMC, create a Cisco Secure Endpoint object and reference the object in the Cisco Secure Endpoint console.
- D. Initiate the integration between Secure FMC and Cisco Secure Endpoint from the Secure FMC using the AMP tab.
Correct Answer: D
Question 297
An engineer must create an access control policy on a Cisco Secure Firewall Threat Defense device. The company has a contact center that utilizes VoIP heavily, and it is critical that this traffic is not impacted by performance issues after deploying the access control policy. Which access control action rule must be configured to handle the VoIP traffic?
- A. Block
- B. Trust
- C. Monitor
- D. Allow
Correct Answer: B
Question 298
An engineer must export a packet capture from Cisco Secure Firewall Management Center to assist in troubleshooting an issue on a Secure Firewall Threat Defense device. When the engineer navigates to the URL for Secure Firewall Management Center at: https:///capture/CAPY/pcap/sample.pcap. The engineer receives a 403: Forbidden error instead of being provided with the PCAP file. Which action resolves the issue?
- A. Disable the proxy setting on the client browser.
- B. Disable the HTTPS server and use HTTP.
- C. Enable HTTPS in the device platform policy.
- D. Enable the proxy setting in the device platform policy.
Correct Answer: C
Question 299
When packet capture is used on a Cisco Secure Firewall Threat Defense device and the packet flow is waiting on the malware query, which Snort verdict appears?
- A. Hide
- B. Block
- C. Retry
- D. Replace
Correct Answer: B
Question 300
A network administrator is deploying a new Cisco Secure Firewall Threat Defense (FTD) firewall. After Cisco Secure FTD is deployed, inside clients have intermittent connectivity to each other. When reviewing the packet capture on the Secure FTD firewall, the administrator sees that Secure FTD is responding to all the ARP requests on the inside network. Which action must the network administrator take to resolve the issue?
- A. Review the access policy and verify that ARP is allowed from inside to inside.
- B. Review NAT policy and disable incorrect proxy ARP configuration.
- C. Convert the FTD to transparent mode to allow ARP requests.
- D. Hardcode the MAC address of the FTD to IP mapping on client machines.
Correct Answer: B