300-710 Online Practice Questions and Answers

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

A. configure manager local 10.0.0.10 Cisco123

B. configure manager add Cisco123 10.0.0.10

C. configure manager local Cisco123 10.0.0.10

D. configure manager add 10.0.0.10 Cisco123

A network administrator needs to create a policy on Cisco Firepower to fast-path traffic to avoid Layer 7 inspection. The rate at which traffic is inspected must be optimized. What must be done to achieve this goal?

A. Enable lhe FXOS for multi-instance.

B. Configure a prefilter policy.

C. Configure modular policy framework.

D. Disable TCP inspection.

A network engineer is tasked with minimising traffic interruption during peak traffic limes. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate this issue?

A. Enable IPS inline link state propagation

B. Enable Pre-filter policies before the SNORT engine failure.

C. Set a Trust ALL access control policy.

D. Enable Automatic Application Bypass.

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https:///capture/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

A. Disable the proxy setting on the browser

B. Use the Cisco FTD IP address as the proxy server setting on the browser.

C. Disable the HTTPS server and use HTTP instead

D. Enable the HTTPS server for the device platform policy

While integrating Cisco Umbrella with Cisco Threat Response, a network security engineer wants to automatically push blocking of domains from the Cisco Threat Response interface to Cisco Umbrella.

Which API meets this requirement?

A. investigate

B. reporting

C. enforcement

D. REST

What is the role of realms in the Cisco ISE and Cisco FMC integration?

A. Cisco Secure Firewall VDC

B. Cisco ISE context

C. TACACS+ database

D. AD definition

An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering. What must be done to troubleshoot the issue and restore access without sacrificing the organization's security posture?

A. Download a PCAP of the traffic to verify the blocks and use the FlexConfig to override the existing policy.

B. Review the output in connection events to validate the block, and modify the policy to allow the traffic.

C. Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.

D. Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.

An administrator is configuring a new report template off. of a saved search within Cisco Secure Firewall Management Centre. The goal is to use the malware analysis report template, but use a different type saved search as the basis. The report is not working.

What must be considered when configuring this report template?

A. Saved searches can be used for the same report template only

B. Saved searches are available freely for all report templates within the same domain.

C. Saved searches from a different report template must be used.

D. Saved searches must be renamed before using for different report template.