300-710 Practice Test

Which two packet captures does the FTD LINA engine support? (Choose two.)

A.

Layer 7 network ID

B.

source IP

C.

application ID

D.

dynamic firewall importing

E.

protocol

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.) 

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet. 

Which CLI command is used to control special handling of ClientHello messages?

A.

system support ssl-client-hello-tuning

B.

system support ssl-client-hello-display

C.

system support ssl-client-hello-force-reset

D.

system support ssl-client-hello-enabled

Which Cisco Firepower feature is used to reduce the number of events received in a period
of time?

A.

rate-limiting

B.

suspending

C.

correlation

D.

thresholding

A company has many Cisco FTD devices managed by a Cisco FMC. The security model
requires that access control rule logs be collected for analysis. The security engineer is
concerned that the Cisco FMC will not be able to process the volume of logging that will be
generated. Which configuration addresses this concern? 

A.

Send Cisco FTD connection events and security events directly to SIEM system forstorage and analysis.


 

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.