• ホーム
  • ブログ
  • [2022年01月28日] 最新300-710試験問題集には高得点で一発合格 [Q93-Q111]

[2022年01月28日] 最新300-710試験問題集には高得点で一発合格 [Q93-Q111]

Share

[2022年01月28日] 最新300-710試験問題集には高得点で一発合格

無料提供中300-710ブレーン問題集と300-710リアル試験問題

質問 93
A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisc FMC generated an alert for the malware event, however the user still remained connected. Which Cisco APM file rule action within the Cisco FMC must be set to resolve this issue?

  • A. Detect Files
  • B. Malware Cloud Lookup
  • C. Local Malware Analysis
  • D. Reset Connection

正解: B

 

質問 94
The administrator notices that there is malware present with an .exe extension and needs to verify if any of the systems on the network are running the executable file. What must be configured within Cisco AMP for Endpoints to show this data?

  • A. prevalence
  • B. threat root cause
  • C. file analysis
  • D. vulnerable software

正解: C

 

質問 95
A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that traffic is reaching the server, but the client is not getting a response Which step must be taken to resolve this issue without initiating traffic from the client?

  • A. Use packet capture to ensure that traffic is not being blocked by an access list.
  • B. Use packet-tracer to validate that the packet passes through the firewall and is NATed to the corrected IP address.
  • C. Use packet capture to validate that the packet passes through the firewall and is NATed to the corrected IP address.
  • D. Use packet-tracer to ensure that traffic is not being blocked by an access list.

正解: B

 

質問 96
An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?

  • A. URL filtering
  • B. intrusion
  • C. identity
  • D. prefilter

正解: D

 

質問 97
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

正解:

解説:

 

質問 98
The administrator notices that there is malware present with an .exe extension and needs to verify if any of the systems on the network are running the executable file. What must be configured within Cisco AMP for Endpoints to show this data?

  • A. prevalence
  • B. threat root cause
  • C. file analysis
  • D. vulnerable software

正解: A

 

質問 99
An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks What must be configured in order to maintain data privacy for both departments?

  • A. Use 802 1Q mime set Trunk interfaces with VLANs to maintain logical traffic separation
  • B. Use one pair of inline set in TAP mode for both departments
  • C. Use a dedicated IPS inline set for each department to maintain traffic separation
  • D. Use passive IDS ports for both departments

正解: A

 

質問 100
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

  • A. port shutdown
  • B. DHCP pool disablement
  • C. quarantine
  • D. dynamic null route configured
  • E. host shutdown

正解: A,C

解説:
Section: Integration
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/210524-configure- firepower-6-1-pxgrid-remediati.html

 

質問 101
What is a valid Cisco AMP file disposition?

  • A. known-good
  • B. pristine
  • C. malware
  • D. non-malicious

正解: C

解説:
Section: Integration
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Reference_a_wrapper_Chapter_topic_here.html

 

質問 102
A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet How is this accomplished on an FTD device in routed mode?

  • A. by using a BVI and create a BVI IP address in the same subnet as the user segment
  • B. by leveraging the ARP to direct traffic through the firewall
  • C. by bypassing protocol inspection by leveraging pre-filter rules
  • D. by assigning an inline set interface

正解: A

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html

 

質問 103
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

  • A. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
  • B. The system performs intrusion inspection followed by file inspection.
  • C. They can block traffic based on Security Intelligence data.
  • D. File policies use an associated variable set to perform intrusion prevention.
  • E. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

正解: A,C

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Access_Control_Using_Intrusion_and_File_Policies.html

 

質問 104
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

  • A. port shutdown
  • B. DHCP pool disablement
  • C. quarantine
  • D. dynamic null route configured
  • E. host shutdown

正解: A,C

解説:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/210524-configure- firepower-6-1-pxgrid-remediati.html

 

質問 105
Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?

  • A. Only the administrator of the top ancestor domain can view dashboards.
  • B. Child domains have access to only a limited set of widgets from ancestor domains.
  • C. Child domains can view but not edit dashboards that originate from an ancestor domain.
  • D. Child domains cannot view dashboards that originate from an ancestor domain.

正解: D

解説:
Section: Management and Troubleshooting
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Using_Dashboards.html

 

質問 106
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

  • A. VPN connections can be re-established only if the failed master unit recovers.
  • B. Only established VPN connections are maintained when a new master unit is elected.
  • C. VPN connections must be re-established when a new master unit is elected.
  • D. Smart License is required to maintain VPN connections simultaneously across all cluster units.

正解: C

解説:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/clustering/ftd-cluster-solution.html#concept_g32_yml_y2b

 

質問 107
Refer to the exhibit.

And engineer is analyzing the Attacks Risk Report and finds that there are over 300 instances of new operating systems being seen on the network How is the Firepower configuration updated to protect these new operating systems?

  • A. The administrator requests a Remediation Recommendation Report from Cisco Firepower
  • B. Cisco Firepower automatically updates the policies.
  • C. Cisco Firepower gives recommendations to update the policies.
  • D. The administrator manually updates the policies.

正解: C

解説:
Explanation
Ref:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Tailori

 

質問 108
An organization is setting up two new Cisco FTD devices to replace their current firewalls and cannot have any network downtime During the setup process, the synchronization between the two devices is failing What action is needed to resolve this issue?

  • A. Confirm that both devices are configured with the same types of interfaces
  • B. Confirm that both devices have the same port-channel numbering
  • C. Confirm that both devices are running the same software version
  • D. Confirm that both devices have the same flash memory sizes

正解: C

解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/ firepower_threat_defense_high_availability.html#Cisco_Reference.dita_cc8821d8-a5a5-49c0-97fddc9b6f7dbad2

 

質問 109
Which group within Cisco does the Threat Response team use for threat analysis and research?

  • A. Cisco Deep Analytics
  • B. Cisco Talos
  • C. Cisco Network Response
  • D. OpenDNS Group

正解: B

解説:
Section: Management and Troubleshooting
Explanation/Reference: https://www.cisco.com/c/en/us/products/security/threat-response.html#~benefits

 

質問 110
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

  • A. capture-traffic
  • B. configure coredump packet-engine enable
  • C. capture
  • D. capture WORD

正解: A

 

質問 111
......

300-710合格させる問題集でCisco24時間で試験合格できます:https://www.goshiken.com/Cisco/300-710-mondaishu.html

Cisco 300-710実際の問題とブレーン問題集:https://drive.google.com/open?id=14H2i12UdU1AZJxF-e7JuqYGeUE5nTApX

関するブログ

もっと
300-710無料問題集