Dumps4free
Go Back on 300-710 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

300-710 Practice Test


Page 7 out of 51 Pages

Topic 2: Configuration

An organization is using a Cisco FTD and Cisco ISE to perform identity-based access
controls. A network administrator is analyzing the Cisco FTD events and notices that
unknown user traffic is being allowed through the firewall. How should this be addressed to
block the traffic while allowing legitimate user traffic? 


A.

Modify the Cisco ISE authorization policy to deny this access to the user.


B.

Modify Cisco ISE to send only legitimate usernames to the Cisco FTD. 


C.

Add the unknown user in the Access Control Policy in Cisco FTD.


D.

Add the unknown user in the Malware & File Policy in Cisco FTD.





C.   

Add the unknown user in the Access Control Policy in Cisco FTD.



Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdmconfig-guide-640/fptd-fdmidentity.html#concept_655B055575E04CA49B10186DEBDA301A

After deploying a network-monitoring tool to manage and monitor networking devices in
your organization, you realize that you need to manually upload an MIB for the Cisco FMC.
In which folder should you upload the MIB file?


A.

/etc/sf/DCMIB.ALERT


B.

/sf/etc/DCEALERT.MIB


C.

/etc/sf/DCEALERT.MIB


D.

system/etc/DCEALERT.MIB





C.   

/etc/sf/DCEALERT.MIB



Which command-line mode is supported from the Cisco Firepower Management Center
CLI?


A.

privileged


B.

user


C.

configuration


D.

admin





C.   

configuration



Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmcconfig-
guide-v66/command_line_reference.pdf

A company is in the process of deploying intrusion prevention with Cisco FTDs managed
by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not
block the suspicious traffic. Which action accomplishes this task?


A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.


B.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.


C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.


D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by checking the "Drop when inline" option. 





A.   

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.



A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two
port requirements on the Firepower Management Center must be validated to allow
communication with the cloud service? (Choose two.)


A.

outbound port TCP/443


B.

inbound port TCP/80


C.

outbound port TCP/8080


D.

inbound port TCP/443


E.

outbound port TCP/80





A.   

outbound port TCP/443



E.   

outbound port TCP/80




Page 7 out of 51 Pages
Previous