Spring Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the Cisco CCNP Security 300-710 Questions and answers with Dumpstech

Home
Cisco
CCNP Security
300-710
300-710 Questions and Answers

Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam

Practice at least 50% of the questions to maximize your chances of passing.

Viewing page 7 out of 12 pages

Viewing questions 61-70 out of questions

Questions # 61:

After using Firepower for some time and learning about how it interacts with the network, an administrator is trying to correlate malicious activity with a user Which widget should be configured to provide this visibility on the Cisco Firepower dashboards?

Options:

Custom Analysis

Current Status

Current Sessions

Correlation Events

Answer

Questions # 62:

A network administrator is trying to configure a previously created file policy on a new access policy. Which action must the administrator take before applying the file policy?

Options:

Set up an inspection policy.

Create a new access control rule.

Assign the file policy to the default action.

Apply an application to an access control rule.

Answer

Questions # 63:

Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC (Choose two).

Options:

Before re-adding the device In Cisco FMC, the manager must be added back.

The Cisco FMC web interface prompts users to re-apply access control policies.

Once a device has been deleted, It must be reconfigured before it is re-added to the Cisco FMC.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the polices after registration is completed.

There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Answer

B, E

Questions # 64:

Refer to the exhibit.

Question # 64

An organization has an access control rule with the intention of sending all social media traffic for inspection After using the rule for some time, the administrator notices that the traffic is not being inspected, but is being automatically allowed What must be done to address this issue?

Options:

Modify the selected application within the rule

Change the intrusion policy to connectivity over security.

Modify the rule action from trust to allow

Add the social network URLs to the block list

Answer

Questions # 65:

Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

Options:

system generate-troubleshoot

show configuration session

show managers

show running-config | include manager

Answer

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/command_ref/ b_Command_Reference_for_Firepower_Threat_Defense/c_3.html, , ]

Questions # 66:

Question # 66

Refer to the exhibit. A security engineer must improve security in an organization and is producing a risk mitigation strategy to present to management for approval. Which action must the security engineer take based on this Attacks Risk Report?

Options:

Block Internet Explorer.

Block NetBIOS.

Inspect TCP port 80 traffic.

Inspect DNS traffic.

Answer

Questions # 67:

Which CLI command is used to control special handling of ClientHello messages?

Options:

system support ssl-client-hello-tuning

system support ssl-client-hello-display

system support ssl-client-hello-force-reset

system support ssl-client-hello-enabled

Answer

Questions # 68:

A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database? Which action must be taken to accomplish this task?

Options:

Change the network discovery method to TCP/SYN.

Configure NetFlow exporters for monitored networks.

Monitor only the default IPv4 and IPv6 network ranges.

Exclude load balancers and NAT devices in the policy.

Answer

Questions # 69:

What is the result when two users modify a VPN policy at the same lime on a Cisco Secure Firewall Management Center managed device?

Options:

Both users can edit the policy arid the last saved configuration persists.

The first user locks the configuration when selecting edit on the policy.

The changes from both users will be merged together into the policy.

The system prevents modifications to the policy by multiple users.

Answer

Explanation

In Cisco Secure Firewall Management Center (FMC), when two users attempt to modify a VPN policy simultaneously, the system implements a locking mechanism to prevent conflicts. The first user who selects edit on the policy locks the configuration, preventing other users from making changes until the lock is released.

Steps:

When the first user selects edit on the VPN policy, FMC locks the policy for editing.

The lock ensures that only the first user can make changes.

Once the first user saves or cancels their changes, the lock is released.

Other users can then edit the policy.

This locking mechanism ensures that configuration conflicts are avoided and only one set of changes is applied at a time.

[References:Cisco Secure Firewall Management Center Configuration Guide, Chapter on Policy Management and User Permissions., , , ]

Questions # 70:

A security engineer is configuring a remote Cisco FTD that has limited resources and internet bandwidth. Which malware action and protection option should be configured to reduce the requirement for cloud lookups?

Options:

Malware Cloud Lookup and dynamic analysis

Block Malware action and dynamic analysis

Block Malware action and local malware analysis

Block File action and local malware analysis

Answer

Viewing page 7 out of 12 pages

Viewing questions 61-70 out of questions

Modal title

Registered Required

In order to participate in the comments you need to be logged-in.
You can sign-up or login (it's free).