CertsTopics Logo

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Exactprep 300-710 Questions

Page: 18 / 23
Total 376 questions
Get 300-710 Full Access Download 300-710 PDF

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Question 69

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

Options:

A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

B.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

Question 70

An analyst is investigating a potentially compromised endpoint within the network and pulls a host report for the endpoint in question to collect metrics and documentation. What information should be taken from this report for the investigation?

Options:

A.

client applications by user, web applications, and user connections

B.

number of attacked machines, sources of the attack, and traffic patterns

C.

intrusion events, host connections, and user sessions

D.

threat detections over time and application protocols transferring malware

Question 71

A network engineer wants to disable the HTTP response page and interactive blocking of the entire access control policy in Cisco Secure Firewall Management Center. What must be

selected in Block Response Page and Interactive Block Response Page?

Options:

A.

Custom

B.

View

C.

System

D.

None

Question 72

Refer to the exhibit. An engineer is configuring a high-availability solution that has the hardware devices and software versions:

    two Cisco Secure Firewall 9300 Security Appliances with FXOS SW 2.0(1.23)

    software Cisco Secure Firewall Threat Defense 6.0.1.1 (build 1023) on both appliances

    one Cisco Secure Firewall Management Center with SW 6.0.1.1 (build 1023)

Which condition must be met to complete the high-availability configuration?

Options:

A.

DHCP must be configured on at least one firewall interface.

B.

The version numbers must have the same patch number.

C.

Both firewalls must have the same number of interfaces.

D.

Both firewalls must be in transparent mode.

Page: 18 / 23
Total 376 questions
Get 300-710 Full Access Download 300-710 PDF