Free Cisco 300-710 Exam Questions

Question 1

A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS responses are not getting through the Cisco FTD What must be done to address this issue while still utilizing Snort IPS rules?

A : Uncheck the "Drop when Inline" box in the intrusion policy to allow the traffic.

B : Modify the Snort rules to allow legitimate DNS traffic to the VPN users.

C : Disable the intrusion rule threshes to optimize the Snort processing.

D : Decrypt the packet after the VPN flow so the DNS queries are not inspected

Answer: B

Question 2

An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?

A : Add a native instance to distribute traffic to each Cisco FTD context.

B : Add the Cisco FTD device to the Cisco ASA port channels.

C : Configure a container instance in the Cisco FTD for each context in the Cisco ASA.

D : Configure the Cisco FTD to use port channels spanning multiple networks.

Answer: C

Question 3

Refer to the exhibit.A Cisco Secure Firewall Threat Defense (FTD) device is deployed in inline mode with an inline set. The network engineer wants router R2 to remove the directly connected route M 68.1.0/24 from its routing table when the cable between routed R1 and the Secure FTD device Is disconnected. Which action must the engineer take?

A : Implement the Propagate Link Stale option on the Secure FTD device

B : Establish a routing protocol between R1 and R2.

C : Disable hardware bypass on the Secure FTD device.

D : Implement autostate functionality on the Gi0/2 interface of R2

Answer: A

Question 4

Refer to the exhibit.A Cisco Secure Firewall Threat Defense (FTD) device is deployed in inline mode with an inline set. The network engineer wants router R2 to remove the directly connected route M 68.1.0/24 from its routing table when the cable between routed R1 and the Secure FTD device Is disconnected. Which action must the engineer take?

A : Implement the Propagate Link Stale option on the Secure FTD device

B : Establish a routing protocol between R1 and R2.

C : Disable hardware bypass on the Secure FTD device.

D : Implement autostate functionality on the Gi0/2 interface of R2

Answer: A

Question 5

An analyst using the security analyst account permissions is trying to view the Correlations Events Widget but is not able to access it. However, other dashboards are accessible. Why is this occurring?

A : An API restriction within the Cisco FMC is preventing the widget from displaying.

B : The widget is configured to display only when active events are present.

C : The widget is not configured within the Cisco FMC.

D : The security analyst role does not have permission to view this widget.

Answer: C