Question No. 1

An administrator configures the interfaces of a Cisco Secure Firewall Threat Defence device in an inline IPS deployment. The administrator completes these actions:

* identifies the device and the interfaces

* sets the interface mode to inline

* enables the interlaces

Which configuration step must the administrator take next to complete the implementation?

AEnable spanning-tree PortFast on the interfaces.

BConfigure an inline set

CSet the interface to Transparent mode.

DSet the interface to routed mode.

Show Answer

Correct Answer: B

After setting the interface mode to inline and enabling the interfaces on a Cisco Secure Firewall Threat Defense (FTD) device in an inline IPS deployment, the next step is to configure an inline set. An inline set groups two interfaces that work together to inspect traffic passing between them.

Steps to configure an inline set:

In FMC, navigate to Devices > Device Management.

Select the FTD device and configure the interfaces.

Create a new inline set, adding the relevant interfaces that have been set to inline mode.

Deploy the configuration to the FTD device.

Configuring an inline set ensures that the traffic between the specified interfaces is inspected and processed according to the IPS policies, completing the implementation of the inline IPS deployment.

Question No. 2

The CEO ask a network administrator to present to management a dashboard that shows custom analysis tables for the top DNS queries URL category statistics, and the URL reputation statistics.

Which action must the administrator take to quickly produce this information for management?

ARun the Attack report and filter on DNS to show this information.

BCreate a new dashboard and add three custom analysis widgets that specify the tables needed.

CModify the Connection Events dashboard to display the information in a view for management.

DCopy the intrusion events dashboard tab and modify each widget to show the correct charts.

Show Answer

Correct Answer: B

Question No. 3

An administrator is working on a migration from Cisco ASA to the Cisco FTD appliance and needs to test the rules without disrupting the traffic. Which policy type should be used to configure the ASA rules during this phase of the migration?

Aidentity

BIntrusion

CAccess Control

DPrefilter

Show Answer

Correct Answer: C

https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide/ASA2FTD-with-FP-Migration-Tool/b_Migration_Guide_ASA2FTD_chapter_01011.html

Question No. 4

A network administrator is migrating from a Cisco ASA to a Cisco FTD.

EIGRP is configured on the Cisco ASA but it is not available in the Cisco FMC.

Which action must the administrator take to enable this feature on the Cisco FTD?

AConfigure EIGRP parameters using FlexConfig objects.

BAdd the command feature eigrp via the FTD CLI.

CCreate a custom variable set and enable the feature in the variable set.

DEnable advanced configuration options in the FMC.

Show Answer

Correct Answer: A

Question No. 5

An engineer is setting up a remote access VPN on a Cisco FTD device and wants to define which traffic gets sent over the VPN tunnel. Which named object type in Cisco FMC must be used to accomplish this task?

Asplit tunnel

Bcrypto map

Caccess list

Droute map

Show Answer

Correct Answer: A

Free Cisco 300-710 Exam Actual Questions

The questions for 300-710 were last updated On Nov 16, 2024