Pass the Cisco CCNP Security 300-710 Questions and answers with ValidTests

Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam

Viewing page 8 out of 12 pages

Viewing questions 71-80 out of questions

Questions # 71:

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

Options:

pxGrid

FTD RTC

FMC RTC

ISEGrid

Expert Solution

Questions # 72:

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

Options:

dynamic null route configured

DHCP pool disablement

quarantine

port shutdown

host shutdown

Expert Solution

Questions # 73:

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

Options:

Windows domain controller

audit

triage

protection

Expert Solution

Questions # 74:

Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

Options:

application blocking

simple custom detection

file repository

exclusions

application whitelisting

Expert Solution

Questions # 75:

Which firewall design will allow It to forward traffic at layers 2 and 3 for the same subnet?

Options:

Cisco Firepower Threat Defense mode

routed mode

Integrated routing and bridging

transparent mode

Expert Solution

Questions # 76:

Refer to the exhibit.

A systems administrator conducts a connectivity test to their SCCM server from a host machine and gets no response from the server. Which action ensures that the ping packets reach the destination and that the host receives replies?

Options:

Create an access control policy rule that allows ICMP traffic.

Configure a custom Snort signature to allow ICMP traffic after Inspection.

Modify the Snort rules to allow ICMP traffic.

Create an ICMP allow list and add the ICMP destination to remove it from the implicit deny list.

Expert Solution

Questions # 77:

Which firewall mode is Cisco Secure Firewall Threat Defense in when two physical interfaces are assigned to a named BVI?

Options:

Routed

Transparent

In-line

IPS only

Expert Solution

Questions # 78:

An organization has noticed that malware was downloaded from a website that does not currently have a known bad reputation. How will this issue be addresses globally in the quickest way possible and with the least amount of impact?

Options:

by denying outbound web access

Cisco Talos will automatically update the policies.

by Isolating the endpoint

by creating a URL object in the policy to block the website

Expert Solution

Questions # 79:

An engineer is configuring Cisco Secure Firewall Threat Defense managed by a Secure Firewall Management Center appliance. The company wants remote access VPN users to be reachable from the inside network. What must the engineer configure to meet the requirements?

Options:

manual NAT exemption rule at the top of the NAT policy

manual NAT exemption rule at the bottom of the NAT policy

auto NAT exemption rule at the top of the NAT policy

auto NAT exemption rule at the bottom of the NAT policy

Expert Solution

Questions # 80:

A network administrator must create an EtherChannel Interface on a new Cisco Firepower 9300 appliance registered with an FMC tor high availability. Where must the administrator create the EtherChannel interface?

Options:

FMC CLI

FTD CLI

FXOS CLI

FMC GUI

Expert Solution

Answer

Explanation

An EtherChannel interface is a logical interface that consists of a bundle of individual Ethernet links that act as a single network link. An EtherChannel interface can increase the bandwidth and reliability of a network connection5.

On a Cisco Firepower 9300 appliance registered with an FMC for high availability, the network administrator must create the EtherChannel interface on the FXOS CLI. The FXOS is the operating system that runs on the Firepower 9300 chassis and provides hardware management functions such as interface configuration, power supply status, fan speed control, and so on6.

To create an EtherChannel interface on the FXOS CLI, the network administrator can follow these steps5:

Connect to the FXOS CLI using SSH or console.

Enter scope eth-uplink command to enter Ethernet uplink mode.

Enter create port-channel command to create an EtherChannel interface.

Enter a port-channel ID (1-48) and a mode (on or active) for the EtherChannel interface.

Enter add interface command to add physical interfaces to the EtherChannel interface.

Enter one or more interface IDs (for example, 1/1) for the physical interfaces.

Enter commit-buffer command to save the changes.

The other options are incorrect because:

The FMC CLI does not provide any commands to create an EtherChannel interface on a Firepower 9300 appliance. The FMC CLI is mainly used for managing FMC settings such as backup, restore, upgrade, troubleshoot, and so on7.

The FTD CLI does not provide any commands to create an EtherChannel interface on a Firepower 9300 appliance. The FTD CLI is mainly used for managing FTD settings such as routing, NAT, VPN, access control, and so on8.

The FMC GUI does not provide any options to create an EtherChannel interface on a Firepower 9300 appliance. The FMC GUI is mainly used for managing FTD policies such as access control, intrusion, file, malware, and so on9.

Viewing page 8 out of 12 pages

Viewing questions 71-80 out of questions

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Pass the Cisco CCNP Security 300-710 Questions and answers with ValidTests

Exam 300-710 Premium Access

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options: