Dumps4free
Go Back on 300-710 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

300-710 Practice Test


Page 16 out of 51 Pages

Topic 2: Configuration

Which two actions can be used in an access control policy rule? (Choose two.)


A.

Block with Reset


B.

Monitor


C.

Analyze


D.

Discover


E.

Block ALL 





A.   

Block with Reset



B.   

Monitor



Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-moduleuser-guide/asa- firepower-module-user-guide-v541/AC-Rules-TuningOverview.html#71854 

An engineer has been tasked with using Cisco FMC to determine if files being sent through
the network are malware. Which two configuration takes must be performed to achieve this
file lookup? (Choose two.)


A.

The Cisco FMC needs to include a SSL decryption policy.


B.

The Cisco FMC needs to connect to the Cisco AMP for Endpoints service


C.

The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for
sandboxing.


D.

The Cisco FMC needs to connect with the FireAMP Cloud


E.

The Cisco FMC needs to include a file inspection policy for malware lookup.





D.   

The Cisco FMC needs to connect with the FireAMP Cloud



E.   

The Cisco FMC needs to include a file inspection policy for malware lookup.



An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is
noticed that excessive and misleading events filing the database and overloading the Cisco
FMC. A monitored NAT device is executing multiple updates of its operating system in a
short period of time. What configuration change must be made to alleviate this issue? 


A.

Leave default networks.


B.

Change the method to TCP/SYN.
 


C.

Increase the number of entries on the NAT device.


D.

Exclude load balancers and NAT devices.





D.   

Exclude load balancers and NAT devices.



Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Network_Discovery_Policies.html 

Refer to the exhibit.

What must be done to fix access to this website while preventing the same communication
to all other websites?


A.

Create an intrusion policy rule to have Snort allow port 80 to only 172.1.1 50.


B.

Create an access control policy rule to allow port 80 to only 172.1.1 50


C.

Create an intrusion policy rule to have Snort allow port 443 to only 172.1.1.50


D.

Create an access control policy rule to allow port 443 to only 172.1.1 50





B.   

Create an access control policy rule to allow port 80 to only 172.1.1 50



An organization has a compliancy requirement to protect servers from clients, however, the
clients and servers all reside on the same Layer 3 network Without readdressing IP
subnets for clients or servers, how is segmentation achieved?


A.

Deploy a firewall in transparent mode between the clients and servers


B.

Change the IP addresses of the clients, while remaining on the same subnet.


C.

Deploy a firewall in routed mode between the clients and servers


D.

Change the IP addresses of the servers, while remaining on the same subnet





A.   

Deploy a firewall in transparent mode between the clients and servers




Page 16 out of 51 Pages
Previous