Practice Free 300-710 Exam Online Questions
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?
- A . transparent inline mode
- B . TAP mode
- C . strict TCP enforcement
- D . propagate link state
D
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html
What is the benefit of selecting the trace option for packet capture?
- A . The option indicates whether the packet was dropped or successful.
- B . The option indicates whether the destination host responds through a different path.
- C . The option limits the number of packets that are captured.
- D . The option captures details of each packet.
An engineer is configuring Cisco FMC and wants to limit the time allowed for processing packets through the interface. However, if the time is exceeded, the configuration must allow packets to bypass detection.
What must be configured on the Cisco FMC to accomplish this task?
- A . Fast-Path Rules Bypass
- B . Cisco ISE Security Group Tag
- C . Inspect Local Traffic Bypass
- D . Automatic Application Bypass
Refer to the exhibit.
An engineer is modifying an access control policy to add a rule to inspect all DNS traffic that passes through the firewall. After making the change and deploying the policy, they see that DNS traffic is not being inspected by the Snort engine.
What is the problem?
- A . The rule must specify the security zone that originates the traffic
- B . The rule must define the source network for inspection as well as the port
- C . The action of the rule is set to trust instead of allow.
- D . The rule is configured with the wrong setting for the source port
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch.
Which firewall mode is the Cisco FTD set up to support?
- A . active/active failover
- B . transparent
- C . routed
- D . high availability clustering
Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint activity?
- A . Windows domain controller
- B . audit
- C . triage
- D . protection
B
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/214933-amp-for-endpoints-deployment-methodology.html
An administrator must fix a network problem whereby traffic from the inside network to a webserver is not getting through an instance of Cisco Secure Firewall Threat Defense.
Which command must the administrator use to capture packets to the webserver that are dropped by Secure Firewall Threat Defense and resolve the issue?
- A . capture CAP int OUTSIDE match ip any host WEBSERVERIP
- B . capture CAP type asp-drop all headers-only
- C . capture CAP int INSIDE match ip any host WEBSERVERIP
- D . capture CAP int INSIDE match tcp any 80 host WEBSERVERIP 80
B
Explanation:
To capture packets that are dropped by Cisco Secure Firewall Threat Defense (FTD) and troubleshoot the issue of traffic from the inside network to a webserver not getting through, the administrator should use the command to capture packets dropped by the accelerated security path (ASP) engine.
The correct command is:
capture CAP type asp-drop all headers-only
This command captures all packets dropped by the ASP engine, which includes packets that are being blocked by access control policies, NAT issues, or other security checks.
Steps:
Access the FTD CLI.
Run the command capture CAP type asp-drop all headers-only to capture dropped packets.
Analyze the captured data to identify the cause of the drops.
This command provides detailed information on why packets are being dropped, helping the administrator resolve the issue.
Reference: Cisco Secure Firewall Threat Defense Configuration Guide, Chapter on Packet Capture and ASP Drop Captures.
An administrator is configuring SNORT inspection policies and is seeing failed deployment messages in Cisco FMC.
What information should the administrator generate for Cisco TAC to help troubleshoot?
- A . A "Troubleshoot" file for the device in question.
- B . A "show tech" file for the device in question
- C . A "show tech" for the Cisco FMC.
- D . A "troubleshoot" file for the Cisco FMC
Which CLI command is used to control special handling of clientHello messages?
- A . system support ssl-client-hello-tuning
- B . system support ssl-client-hello-display
- C . system support ssl-client-hello-force-reset
- D . system support ssl-client-hello-reset
Refer to the exhibit.
What is the effect of the existing Cisco FMC configuration?
- A . The remote management port for communication between the Cisco FMC and the managed device changes to port 8443.
- B . The managed device is deleted from the Cisco FMC.
- C . The SSL-encrypted communication channel between the Cisco FMC and the managed device becomes a plain-text communication channel.
- D . The management connection between the Cisco FMC and the Cisco FTD is disabled.