Spring Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the Cisco CCNP Security 300-710 Questions and answers with Dumpstech

Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam
Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 9 out of 12 pages
Viewing questions 81-90 out of questions
Questions # 81:

A VPN administrator converted an instance of Cisco Secure Firewall Threat Defense, which is managed by Cisco Secure Firewall Management Center, from using LDAP to LDAPS for

remote access VPN authentication. Which certificate must be added to allow for remote users to authenticate over the VPN?

Options:

A.

LDAPS server certificate must be added to Secure Firewall Management Center realms.

B.

Secure Firewall Management Center certificate must be added to the LDAPS server.

C.

LDAPS server certificate must be added to Secure Firewall Threat Defense.

D.

Secure Firewall Threat Defense certificate must be added to the LDAPS server.

Questions # 82:

An engineer must change the mode of a Cisco Secure Firewall Threat Defense (FTD) firewall in the Cisco Secure Firewall Management Center (FMC) inventory. The engineer must take these actions:

• Register Secure FTD with Secure FMC.

• Change the firewall mode.

• Deregister the Secure FTD device from Secure FMC.

How must the engineer take FTD take the actions?

Options:

A.

Reload the Secure FTD device.

B.

Configure the management IP address.

C.

Access the Secure FTD CLI from the console port.

D.

Erase the Secure FTD configuration

Questions # 83:

A hospital network needs to upgrade their Cisco FMC managed devices and needs to ensure that a disaster recovery process is in place. What must be done in order to minimize downtime on the network?

Options:

A.

Configure a second circuit to an ISP for added redundancy

B.

Keep a copy of the current configuration to use as backup

C.

Configure the Cisco FMCs for failover

D.

Configure the Cisco FMC managed devices for clustering.

Questions # 84:

A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detectionWhich action should be taken to accomplish this goal?

Options:

A.

Enable Threat Intelligence Director using STIX and TAXII

B.

Enable Rapid Threat Containment using REST APIs

C.

Enable Threat Intelligence Director using REST APIs

D.

Enable Rapid Threat Containment using STIX and TAXII

Questions # 85:

An administrator is configuring a transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port but the FTD is not processing the traffic What is the problem?

Options:

A.

The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.

B.

The FTD must be configured with an ERSPAN port, not a passive port.

C.

The FTD must &e in routed mode to process ERSPAN traffic.

D.

Theswitcheswere not set up with a monitor session ID (hat matches the flow ID defined on the FTD

Questions # 86:

Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

Options:

A.

The units must be the same version

B.

Both devices can be part of a different group that must be in the same domain when configured within the FMC.

C.

The units must be different models if they are part of the same series.

D.

The units must be configured only for firewall routed mode.

E.

The units must be the same model.

Questions # 87:

A user within an organization opened a malicious file on a workstation which in turn caused a ransomware attack on the network. What should be configured within the Cisco FMC to ensure the file is tested for viruses on a sandbox system?

Options:

A.

Capacity handling

B.

Local malware analysis

C.

Spere analysis

D.

Dynamic analysis

Questions # 88:

An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?

Options:

A.

Use a dedicated IPS inline set for each department to maintain traffic separation

B.

Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation

C.

Use passive IDS ports for both departments

D.

Use one pair of inline set in TAP mode for both departments

Questions # 89:

A network engineer detects a connectivity issue between Cisco Secure Firewall Management Center and Cisco Secure Firewall Threat Defense. Initial troubleshooting indicates that heartbeats and events are not being received. The engineer re-establishes the secure channels between both peers. Which two commands must the engineer run to resolve the issue? (Choose two.)

Options:

A.

show disk-manager

B.

show history

C.

sudo stats_unified.pl

D.

manage_procs.pl

E.

sudo perfstats -Cq < /var/sf/rna/correlator-stats/now

Questions # 90:

What is an attribute of the risk reporting capability in Cisco Secure Firewall Management Center?

Options:

A.

Includes all domains in a multidomain system

B.

Uses the same templates available to standard reports

C.

Includes the current domain in a multidomain system

D.

Uses the XML format to export all reporting

Viewing page 9 out of 12 pages
Viewing questions 81-90 out of questions