Practice Free 300-710 Exam Online Questions
A network engineer detects a connectivity issue between Cisco Secure Firewall Management Center and Cisco Secure Firewall Threat Defense. Initial troubleshooting indicates that heartbeats and events are not being received. The engineer re-establishes the secure channels between both peers.
Which two commands must the engineer run to resolve the issue? (Choose two.)
- A . manage_procs.pl
- B . sudo stats_unified.pl
- C . sudo perfstats -Cq < /var/sf/rna/correlator-stats/now
- D . show history
- E . show disk-manager
AB
Explanation:
When connectivity issues are detected between Cisco Secure Firewall Management Center (FMC) and Cisco Secure Firewall Threat Defense (FTD) devices, and initial troubleshooting indicates that heartbeats and events are not being received, the engineer can run the following commands to resolve the issue by re-establishing secure channels and checking process statuses:
manage_procs.pl: This script is used to manage and restart processes on the FTD device. Running this script can help restart any malfunctioning processes and re-establish connectivity between the FMC and FTD.
sudo stats_unified.pl: This command provides detailed statistics and status of the unified system processes. It helps in diagnosing and resolving issues related to the secure channel and event reporting.
Steps:
Access the FTD CLI.
Run the command manage_procs.pl to restart processes.
Run the command sudo stats_unified.pl to gather detailed process statistics and verify the status.
These commands help resolve connectivity issues by ensuring that all necessary processes are running correctly and secure channels are re-established.
Reference: Cisco Secure Firewall Threat Defense Configuration Guide, Chapter on Troubleshooting and CLI Commands.
A network administrator wants to configure a Cisco Secure Firewall Threat Defense instance managed by Cisco Secure Firewall Management Center to block traffic to known cryptomining networks.
Which system settings must the administrator configure in Secure Firewall Management Center to meet the requirement?
- A . Access Policy. Security Intelligence
- B . Malware Policy. Rules
- C . Intrusion Policy. Security Intelligence
- D . Access Policy. Rules
A
Explanation:
To block traffic to known cryptomining networks using Cisco Secure Firewall Threat Defense (FTD) managed by Cisco Secure Firewall Management Center (FMC), the network administrator needs to configure Security Intelligence in an Access Control Policy. Security Intelligence allows administrators to block traffic based on threat intelligence feeds, which include known malicious IP addresses, domains, and URLs.
Steps:
Navigate to Policies > Access Control > Access Control Policy in FMC.
Edit or create an Access Control Policy.
Go to the Security Intelligence tab.
Enable the relevant threat intelligence feeds that include cryptomining networks.
Apply the policy to the FTD device.
This configuration ensures that traffic to known cryptomining networks is blocked, enhancing the network’s security posture against cryptomining threats.
Reference: Cisco Secure Firewall Management Center Configuration Guide, Chapter on Security Intelligence.
Refer to the exhibit.
A company is deploying a pair of Cisco Secure Firewall Threat Defense devices named FTD1 and FTD2. FTD1 and FTD2 have been configured as an active/standby pair with a failover link but without a stateful link.
What must be implemented next to ensure that users on the internal network still communicate with outside devices if FTD1 fails?
- A . Disable port security on the switch interfaces connected to FTD1 and FTD2.
- B . Set maximum secured addresses to two on the switch interfaces on FTD1 and FTD2.
- C . Connect and configure a stateful link and then deploy the changes.
- D . Configure the spanning-tree PortFast feature on SW1 and FTD2.
C
Explanation:
In a failover configuration with Cisco Secure Firewall Threat Defense (FTD) devices, ensuring that users on the internal network can continue to communicate with outside devices if the primary device (FTD1) fails requires the implementation of a stateful failover link. The stateful failover link allows the secondary device (FTD2) to maintain session information and state data, ensuring seamless failover and minimizing disruptions.
Steps to implement a stateful failover link:
Physically connect a stateful failover link between FTD1 and FTD2.
Configure the stateful failover link in the FMC.
Ensure that both devices are properly synchronized and that stateful failover is enabled.
Deploy the changes to both FTD devices.
By configuring a stateful link, the secondary FTD can take over active sessions without requiring users to re-establish their connections, thus ensuring continuous communication.
Reference: Cisco Secure Firewall Threat Defense Configuration Guide, Chapter on Failover Configuration.
With Cisco FTD integrated routing and bridging, which interface does the bridge group use to communicate with a routed interface?
- A . switch virtual
- B . bridge group member
- C . bridge virtual
- D . subinterface
C
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html
A network administrator is implementing an active/passive high availability Cisco FTD pair.
When adding the high availability pair, the administrator cannot select the secondary peer.
What is the cause?
- A . The second Cisco FTD is not the same model as the primary Cisco FTD.
- B . A high availability license must be added to the Cisco FMC before adding the high availability pair.
- C . The failover link must be defined on each Cisco FTD before adding the high availability pair.
- D . Both Cisco FTD devices are not at the same software version.
An engineer must define a URL object on Cisco FMC.
What is the correct method to specify the URL without performing SSL inspection?
- A . Use Subject Common Name value.
- B . Specify all subdomains in the object group.
- C . Specify the protocol in the object.
- D . Include all URLs from CRL Distribution Points.
An administrator configures the interfaces of a Cisco Secure Firewall Threat Defense device in an inline IPS deployment.
The administrator completes these actions:
* identifies the device and the interfaces
* sets the interface mode to inline
* enables the interfaces
Which configuration step must the administrator take next to complete the implementation?
- A . Enable spanning-tree PortFast on the interfaces.
- B . Configure an inline set.
- C . Set the interface to Transparent mode.
- D . Set the interface to routed mode.
B
Explanation:
After setting the interface mode to inline and enabling the interfaces on a Cisco Secure Firewall Threat Defense (FTD) device in an inline IPS deployment, the next step is to configure an inline set. An inline set groups two interfaces that work together to inspect traffic passing between them.
Steps to configure an inline set:
In FMC, navigate to Devices > Device Management.
Select the FTD device and configure the interfaces.
Create a new inline set, adding the relevant interfaces that have been set to inline mode.
Deploy the configuration to the FTD device.
Configuring an inline set ensures that the traffic between the specified interfaces is inspected and processed according to the IPS policies, completing the implementation of the inline IPS deployment.
Reference: Cisco Secure Firewall Management Center Configuration Guide, Chapter on Inline Sets.
A Cisco FMC administrator wants to configure fastpathing of trusted network traffic to increase performance.
In which type of policy would the administrator configure this feature?
- A . Identity policy
- B . Prefilter policy
- C . Network Analysis policy
- D . Intrusion policy