300-710 Exam Questions

Total 254 Questions

Last Updated Exam : 16-Dec-2024

Topic 1: Deployment

Which protocol establishes network redundancy in a switched Firepower device deployment?

A. STP
B. HSRP
C. GLBP
D. VRRP

Answer: A. STP



Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmcconfig-guide-v62/firepower_threat_defense_high_availability.html

Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?

A. span EtherChannel clustering
B. redundant interfaces
C. high availability active/standby firewalls
D. multi-instance firewalls

Answer: D. multi-instance firewalls



Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?

A. a default DMZ policy for which only a user can change the IP addresses.
B. deny ip any
C. no policy rule is included
D. permit ip any

Answer: C. no policy rule is included



With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

A. inline set
B. passive
C. routed
D. inline tap

Answer: B. passive



An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?

A. prefilter
B. intrusion
C. identity
D. URL filtering

Answer: A. prefilter



On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

A. transparent inline mode
B. TAP mode
C. strict TCP enforcement
D. propagate link state

Answer: D. propagate link state



A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?

A. active/active failover
B. transparent
C. routed
D. high availability clustering

Answer: B. transparent



Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

A. FlexConfig
B. BDI
C. SGT
D. IRB

Answer: D. IRB



Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html

Which action should be taken after editing an object that is used inside an access control policy?

A. Delete the existing object in use
B. Refresh the Cisco FMC GUI for the access control policy.
C. Redeploy the updated configuration
D. Create another rule using a different object name.

Answer: C. Redeploy the updated configuration



Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmcconfig-guide-v63/reusable_objects.html

Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?

A. show running-config
B. show tech-support chassis
C. system support diagnostic-cli
D. sudo sf_troubleshoot.pl

Answer: D. sudo sf_troubleshoot.pl



