최신 300-710 무료덤프 - Cisco Securing Networks with Cisco Firepower

문제1

A company is deploying intrusion protection on multiple Cisco FTD appliances managed by Cisco FMC. Which system-provided policy must be selected if speed and detection are priorities?

A. Maximum Detection

B. Connectivity Over Security

C. Security Over Connectivity

D. Balanced Security and Connectivity

정답: D

문제2

Upon detecting a flagrant threat on an endpoint, which two technologies instruct Cisco Identity Services Engine to contain the infected endpoint either manually or automatically? (Choose two.)

A. Cisco Stealthwatch

B. Cisco FMC

C. Cisco AMP

D. Cisco ASA 5500 Series

E. Cisco ASR 7200 Series

정답: B,C

문제3

What Software can be installed on the Cisco 4100 series appliance? (Choose two)

A. ASAv

B. ASA

C. FTD

D. FMC

정답: B,C

문제4

Which two field can be used to create a new email alert within the Cisco Firepower Management center under Policies > Actions > Alerts tab? (Choose two.)

A. From

B. Relay Host

C. Device

D. Destination

E. Source

정답: A,B

문제5

Which access control policy action must be selected to inspect traffic for malware using cisco AMP for Networks?

A. allow

B. inspect

C. trust

D. monitor

정답: A

문제6

An engineer is troubleshooting a file that is being blocked by a Cisco FTD device on the network.
The user is reporting that the file is not malicious. Which action does the engineer take to identify the file and validate whether or not it is malicious?

A. Identify the file in the intrusion events and submit it to Threat Grid for analysis.

B. Use FMC file analysis to look for the file and select Analyze to determine its disposition.

C. Right click the connection event and send the file to AMP for Endpoints to see if the hash is malicious.

D. Use the context explorer to find the file and download it to the local machine for investigation.

정답: A

문제7

A network administrator is configuring a Cisco AMP public cloud instance and wants to capture infections and polymorphic variants of a threat to help detect families of malware. Which detection engine meets this requirement?

A. Ethos

B. Spero

C. Tetra

D. RBAC

정답: A

문제8

A Cisco FTD device is running in transparent firewall mode with a VTEP bridge group member ingress interface.
What must be considered by an engineer tasked with specifying a destination MAC address for a packet trace?

A. Only the UDP packet type is supported

B. The destination MAC address is optional if a VLAN ID value is entered

C. The VLAN ID and destination MAC address are optional

D. The output format option for the packet logs unavailable

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

A security engineer sees an alert on Cisco Secure Endpoint console showing a malicious verdict for a file with the SHA-256 hash
0488537078abcdef048853abcdef048853abcdef048853abcdef048853abcdef048853. Which step will mitigate this threat?

A. Enable firewall on infected endpoint.

B. Add the hash to network block list.

C. Add the hash to custom detection list.

D. Quarantine the file on endpoint.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Within Cisco Firepower Management Center, where does a user add or modify widgets?

A. dashboard

B. context explorer

C. reporting

D. summary tool

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제11

An engineer is configuring a new dashboard within Cisco Secure Firewall Management Center and is having trouble implementing a custom widget. When a custom analysis widget is configured, which option is mandatory for the system to display the information?

A. results

B. filter

C. title

D. table

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제12

An engineer must investigate a connectivity issue and decides to use the packet capture feature on Cisco FTD. The goal is to see the real packet going through the Cisco FTD device and see Snort detection actions as a part of the output. After the capture-traffic command is issued, only the packets are displayed. Which action resolves this issue?

A. Use the verbose option as a part of the capture-traffic command

B. Specify the trace using the -T option after the capture-traffic command

C. Use the capture command and specify the trace option to get the required information

D. Perform the trace within the Cisco FMC GUI instead of the Cisco FMC CLI

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

An engineer is investigating connectivity problems on Cisco Firepower that is using service group tags. Specific devices are not being tagged correctly, which is preventing clients from using the proper policies when going through the firewall How is this issue resolved?

A. Use a packet capture with match criteria.

B. Use traceroute with advanced options.

C. Use a packet sniffer with correct filtering

D. Use Wireshark with an IP subnet filter.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

A. Wait for Cisco Threat Response to automatically block the malware.

B. Send a snapshot to Cisco for technical support.

C. Forward the result of the investigation to an external threat-analysis engine.

D. Add the malicious file to the block list.

정답: D

문제15

A network engineer must configure an existing firewall to have a NAT configuration. The new configuration must support more than two interfaces per context. The firewall has previously been operating in transparent mode. The Cisco Secure Firewall Threat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

A. Run the configure firewall routed command from the Secure FMC CLI. and reregister with Secure FMC.

B. Run the configure manager add routed command from the Secure FTD device CLI, and reregister with Secure FMC.

C. Run the configure firewall routed command from the Secure FTD device CLI, and reregister with Secure FMC.

D. Run the configure manager add routed command from the Secure FMC CLI. and reregister with Secure FMC.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제16

Which description of a correlation policy configuration in the Cisco Firepower Management Center is true?

A. Deleting a response group deletes the responses of that group

B. The system displays correlation policies that are created on all of the domains in a multidomain deployment

C. Correlation policy priorities override whitelist priorities

D. You cannot add a host profile qualification to a correlation rule that is triggered by a malware event

정답: D

문제17

What is a purpose of the network analysis policy on a Cisco Firepower NGIPS?

A. it examines packets for attacks by using intrusion rules

B. it specifies the outer-header criteria used to process traffic without using advanced inspection

C. it governs how traffic is preprocessed before inspection

D. it defines the rules for encrypting traffic

정답: C

문제18

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

A. reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

B. reputation-based objects, such as URL categories

C. network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

D. dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.

E. network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

정답: A,E

설명: (DumpTOP 회원만 볼 수 있음)

문제19

An engineer configures an access control rule that deploys file policy configurations to security zone or tunnel zones, and it causes the device to restart. What is the reason for the restart?

A. Source or destination security zones in the access control rule matches the security zones that are associated with interfaces on the target devices.

B. Source or destination security zones in the source tunnel zone do not match the security zones that are associated with interfaces on the target devices.

C. The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the source policy.

D. The source tunnel zone in the rule does not match a tunnel zone that is assigned to a tunnel rule in the destination policy.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 300-710 무료덤프 - Cisco Securing Networks with Cisco Firepower

우리와 연락하기

유용한 링크

최신 업데이트