최신 300-710 무료덤프 - Cisco Securing Networks with Cisco Firepower

문제1

The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events.
Which action should be configured to accomplish this task?

A. generate events

B. drop and generate

C. drop connection

D. drop packet

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

A. exclusions

B. application blocking

C. application whitelisting

D. simple custom detection

E. file repository

정답: B,D

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering.
What must be done to troubleshoot the issue and restore access without sacrificing the organization's security posture?

A. Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.

B. Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.

C. Identify the blocked traffic in the Cisco FMC connection events to validate the block, and modify the policy to allow the traffic to the web server.

D. Download a PCAP of the traffic attempts to verify the blocks and use the flexconfig objects to create a rule that allows only the required traffic to the destination server.

정답: C

문제4

Refer to the exhibit. A security engineer must improve security in an organization and is producing a risk mitigation strategy to present to management for approval. Which action must the security engineer take based on this Attacks Risk Report?

A. Inspect TCP port 80 traffic.

B. Block Internet Explorer.

C. Block NetBIOS.

D. Inspect DNS traffic.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제5

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?

A. The administrator is adding an interface that is in multiple zones.

B. The interfaces are being used for NAT for multiple networks.

C. The administrator is adding interfaces of multiple types.

D. The interfaces belong to multiple interface groups.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which protocol is needed to exchange threat details in rapid threat containment on Cisco FMC?

A. SGT

B. pxGrid

C. SNMP v3

D. BFD

정답: B

문제7

Which Cisco Firepower rule action displays an HTTP warning page?

A. Monitor

B. Allow with Warning

C. Block

D. Interactive Block

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

A security engineer is reviewing a Cisco Secure Endpoint public cloud instance. The engineer discovers a malicious verdict for a SHA-256 hash of
689efc1ecdc23ec0b0885a80663e30ea013d493f8e88224b570a1234567890.
Which configuration action must be done in Secure Endpoint console to mitigate the threat?

A. Configure correlation policy to block the hash.

B. Add the hash to the custom detection list.

C. Apply regular expression to block the malicious file.

D. Set access control policy and deny files with the hash.

정답: B

문제9

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A. Wait for Cisco Threat Response to automatically block the malware.

B. Send a snapshot to Cisco for technical support.

C. Forward the result of the investigation to an external threat-analysis engine.

D. Add the malicious file to the block list.

정답: D

문제10

With a recent summer time change, system logs are showing activity that occurred to be an hour behind real time. Which action should be taken to resolve this issue?

A. Manually adjust the time to the correct hour on all managed devices

B. Configure the system clock settings to use NTP with Daylight Savings checked

C. Manually adjust the time to the correct hour on the Cisco FMC.

D. Configure the system clock settings to use NTP

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제11

An engineer must export a packet capture from Cisco Secure Firewall Management Center to assist in troubleshooting an issue on a Secure Firewall Threat Defense device. When the engineer navigates to the URL for Secure Firewall Management Center at:
https:///capture/CAPI/pcap/sample.pcap
The engineer receives a 403: Forbidden error instead of being provided with the PCAP file. Which action resolves the issue?

A. Enable the proxy setting in the device platform policy.

B. Disable the HTTPS server and use HTTP.

C. Disable the proxy setting on the client browser.

D. Enable HTTPS in the device platform policy.

정답: D

문제12

An administrator is attempting to remotely log into a switch in the data centre using SSH and is unable to connect.
How does the administrator confirm that traffic is reaching the firewall?

A. by running a packet tracer on the firewall.

B. by running Wireshark on the administrator's PC

C. by attempting to access it from a different workstation.

D. by performing a packet capture on the firewall.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제13

After deploying a network-monitoring tool to manage and monitor networking devices in your organization, you realize that you need to manually upload an MIB for the Cisco FMC. In which folder should you upload the MIB file?

A. /sf/etc/DCEALERT.MIB

B. system/etc/DCEALERT.MIB

C. /etc/sf/DCEALERT.MIB

D. /etc/sf/DCMIB.ALERT

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high-availability?

A. system support network-options

B. configure high-availability resume

C. configure high-availability disable

D. configure high-availability suspend

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

Refer to the exhibit. An engineer is troubleshooting connectivity issues over a VPN tunnel. Users from the 192.168.68.0/24 network report that they cannot connect to a remote web server that has an IP address of 192.168.67.100. The engineer confirms that NAT and access control rules on the local Cisco Secure Firewall Threat Defense Virtual will allow the connection. Which two configuration changes must the engineer make to resolve the connectivity issues? (Choose two.)

A. Match the crypto access control list.

B. Bring the VPN tunnel up.

C. Set the VPN to support two-way traffic.

D. Reconfigure the web server

E. Unblock the remote firewall connection

정답: D,E

문제16

The security engineer reviews the syslog server events of an organization and sees many outbound connections to malicious sites initiated from hosts running Cisco Secure Endpoint. The hosts are on a separate network from the Cisco FTD device. Which action blocks the connections?

A. Add a Cisco Secure Endpoint policy with the Tetra and Spero engines enabled

B. Modify the policy on Cisco Secure Endpoint to enable DFC.

C. Add the IP addresses of the malicious sites to the access control policy on the Cisco FMC

D. Modify the access control policy on the Cisco FMC to block malicious outbound connections

정답: C

문제17

A network administrator is configuring Snort inspection policies and is seeing failed deployment messages in Cisco FMC.
What information should the administrator generate for Cisco TAC to help troubleshoot?

A. A "show tech" file for the device in question.

B. A "show tech" for the Cisco FMC.

C. A "troubleshoot" file for the Cisco FMC.

D. A "troubleshoot" file for the device in question.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제18

An administrator is configuring the interface of a Cisco Secure Firewall Threat Defense firewall device in a passive IPS deployment. The device and interface have been identified. Which set of configuration steps must the administrator perform next to complete the implementation?

A. Modify the interface to retransmit received traffic. Associate the interface with a security zone Set the MTU parameter

B. Set the interface mode to passive. Associate the interface with a security zone. Set the MTU parameter. Reset the interface.

C. Modify the interface to retransmit received traffic. Associate the interface with a security zone.Enable the interface. Set the MTU parameter.

D. Set the interface mode to passive. Associate the interface with a security zone. Enable the interface. Set the MTU parameter.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

최신 300-710 무료덤프 - Cisco Securing Networks with Cisco Firepower

우리와 연락하기

유용한 링크

최신 업데이트