CertsTopics Logo

Spring Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

PDF 300-710 Study Guide

Page: 8 / 29
Total 385 questions
Get 300-710 Full Access Download 300-710 PDF

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Question 29

Refer to the exhibit.

An engineer is modifying an access control policy to add a rule to Inspect all DNS traffic that passes it making the change and deploying the policy, they see that DNS traffic Is not being Inspected by the Snort engine. What is......

Options:

A.

The action of the rule is set to trust instead of allow.

B.

The rule must specify the security zone that originates the traffic.

C.

The rule Is configured with the wrong setting for the source port.

D.

The rule must define the source network for inspection as well as the port.

Question 30

A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet How is this accomplished on an FTD device in routed mode?

Options:

A.

by leveraging the ARP to direct traffic through the firewall

B.

by assigning an inline set interface

C.

by using a BVI and create a BVI IP address in the same subnet as the user segment

D.

by bypassing protocol inspection by leveraging pre-filter rules

Question 31

A network administrator cannot select the link to be used for failover when configuring an active/passive HA Cisco FTD pair.

Which configuration must be changed before setting up the high availability pair?

Options:

A.

An IP address in the same subnet must be added to each Cisco FTD on the interface.

B.

The interface name must be removed from the interface on each Cisco FTD.

C.

The name Failover must be configured manually on the interface on each cisco FTD.

D.

The interface must be configured as part of a LACP Active/Active EtherChannel.

Question 32

Which feature sets up multiple interfaces on a Cisco Secure Firewall Threat Defense to be on the same subnet?

Options:

A.

EtherChannel

B.

SVI

C.

BVI

D.

security levels

Page: 8 / 29
Total 385 questions
Get 300-710 Full Access Download 300-710 PDF