2021 300-710 Premium Files Test pdf - Free Dumps Collection [Q61-Q83]

2021 300-710 Premium Files Test pdf - Free Dumps Collection

 Get ready to pass the 300-710 Exam right now using our CCNP Security  Exam Package

NEW QUESTION 61
Which interface type allows packets to be dropped?

• A. ERSPAN
• B. inline
• C. passive
• D. TAP

Answer: B

Explanation:
Section: Deployment
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower- threat-defense-int.html

 

NEW QUESTION 62
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

• A. They can block traffic based on Security Intelligence data.
• B. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
• C. File policies use an associated variable set to perform intrusion prevention.
• D. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
• E. The system performs intrusion inspection followed by file inspection.

Answer: A,B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Access_Control_Using_Intrusion_and_File_Policies.html

 

NEW QUESTION 63
Which two considerations must be made when deleting and re-adding devices while managing them via Cisco FMC (Choose two).

• A. Before re-adding the device In Cisco FMC, the manager must be added back.
• B. The Cisco FMC web interface prompts users to re-apply access control policies.
• C. There is no option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.
• D. Once a device has been deleted, It must be reconfigured before it is re-added to the Cisco FMC.
• E. An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the polices after registration is completed.

Answer: B,C

 

NEW QUESTION 64
Which two actions can be used in an access control policy rule? (Choose two.)

• A. Block with Reset
• B. Analyze
• C. Block ALL
• D. Discover
• E. Monitor

Answer: A,E

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854

 

NEW QUESTION 65
An engineer currently has a Cisco FTD device registered to the Cisco FMC and is assigned the address of 10 10.50.12. The organization is upgrading the addressing schemes and there is a requirement to convert the addresses to a format that provides an adequate amount of addresses on the network What should the engineer do to ensure that the new addressing takes effect and can be used for the Cisco FTD to Cisco FMC connection?

• A. Update the IP addresses from IFV4 to IPv6 without deleting the device from Cisco FMC
• B. Format and reregister the device to Cisco FMC.
• C. Delete and reregister the device to Cisco FMC
• D. Cisco FMC does not support devices that use IPv4 IP addresses.

Answer: A

 

NEW QUESTION 66
The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events. Which action should be configured to accomplish this task?

• A. drop and generate
• B. drop connection
• C. drop packet
• D. generate events

Answer: D

Explanation:
Reference" https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/working_with_intrusion_events.html

 

NEW QUESTION 67
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

• A. The rate-limiting rule is disabled.
• B. The system rate-limits all traffic.
• C. The system repeatedly generates warnings.
• D. Matching traffic is not rate limited.

Answer: D

 

NEW QUESTION 68
Which command-line mode is supported from the Cisco Firepower Management Center CLI?

• A. privileged
• B. configuration
• C. user
• D. admin

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config- guide-v66/command_line_reference.pdf

 

NEW QUESTION 69
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

• A. rate-limiting
• B. thresholding
• C. correlation
• D. suspending

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/Intrusion-Global-Threshold.html

 

NEW QUESTION 70
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

• A. The rate-limiting rule is disabled.
• B. The system rate-limits all traffic.
• C. The system repeatedly generates warnings.
• D. Matching traffic is not rate limited.

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/quality_of_service_qos.pdf

 

NEW QUESTION 71
Which command must be run to generate troubleshooting files on an FTD?

• A. show tech-support
• B. sudo sf_troubleshoot.pl
• C. system support view-files
• D. system generate-troubleshoot all

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/sourcefire-defense-center/117663-technote-SourceFire-00.html

 

NEW QUESTION 72
What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config- guide-v61/system_configuration.html

 

NEW QUESTION 73
Which command must be run to generate troubleshooting files on an FTD?

• A. show tech-support
• B. system generate-troubleshoot all
• C. system support view-files
• D. sudo sf_troubleshoot.pl

Answer: B

 

NEW QUESTION 74
An administrator is attempting to remotely log into a switch in the data centre using SSH and is unable to connect. How does the administrator confirm that traffic is reaching the firewall?

• A. by performing a packet capture on the firewall.
• B. by running Wireshark on the administrator's PC
• C. by running a packet tracer on the firewall.
• D. by attempting to access it from a different workstation.

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html#anc16

 

NEW QUESTION 75
Which report template field format is available in Cisco FMC?

• A. arrow chart
• B. box lever chart
• C. benchmark chart
• D. bar chart

Answer: D

 

NEW QUESTION 76
An engineer is configuring a second Cisco FMC as a standby device but is unable to register with the active unit. What is causing this issue?

• A. The code versions running on the Cisco FMC devices are different
• B. There is only 10 Mbps of bandwidth between the two devices.
• C. The licensing purchased does not include high availability
• D. The primary FMC currently has devices connected to it.

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/firepower_management_center_high_availability.html

 

NEW QUESTION 77
In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

• A. unknown
• B. disconnected
• C. clean
• D. unavailable

Answer: A

 

NEW QUESTION 78
Which command-line mode is supported from the Cisco Firepower Management Center CLI?

• A. privileged
• B. configuration
• C. user
• D. admin

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/command_line_reference.pdf

 

NEW QUESTION 79
What are two application layer preprocessors? (Choose two.)

• A. CIFS
• B. IMAP
• C. SSL
• D. DNP3
• E. ICMP

Answer: B,C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Application_Layer_Preprocessors.html

 

NEW QUESTION 80
Which group within Cisco does the Threat Response team use for threat analysis and research?

• A. Cisco Network Response
• B. Cisco Talos
• C. OpenDNS Group
• D. Cisco Deep Analytics

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/products/security/threat-response.html#~benefits

 

NEW QUESTION 81
Which two actions can be used in an access control policy rule? (Choose two.)

• A. Block with Reset
• B. Analyze
• C. Block ALL
• D. Discover
• E. Monitor

Answer: A,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa- firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854

 

NEW QUESTION 82
An administrator is working on a migration from Cisco ASA to the Cisco FTD appliance and needs to test the rules without disrupting the traffic. Which policy type should be used to configure the ASA rules during this phase of the migration?

• A. Prefilter
• B. Access Control
• C. identity
• D. Intrusion

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide/ASA2FTD-with-FP-Migration-Tool/b_Migration_Guide_ASA2FTD_chapter_01011.html

 

NEW QUESTION 83
......

Master 2021 Latest The Questions CCNP Security and Pass 300-710  Real Exam!: https://www.dumpstorrent.com/300-710-exam-dumps-torrent.html

A fully updated 2021 300-710 Exam Dumps exam guide from training expert DumpsTorrent: https://drive.google.com/open?id=1ggtDddrmkRyO4huajORD_VTrEI8jm2Gj