300-710試験無料問題集（397題）「Cisco Securing Networks with Cisco Firepower 認定」

出題：1

An engineer is reviewing a ticket that requests to allow traffic for some devices that must connect to a server over 8699/udp. The request mentions only one IP address, 172.16.18.15, but the requestor asked for the engineer to open the port for all machines that have been trying to connect to it over the last week. Which action must the engineer take to troubleshoot this issue?

A. Use the context explorer to see the destination port blocks

B. Filter the connection events by the destination port 8699/udp.

C. Filter the connection events by the source port 8699/udp.

D. Use the context explorer to see the application blocks by protocol.

正解：B 解答を投票する

出題：2

Due to an Increase in malicious events, a security engineer must generate a threat report to include intrusion events, malware events, and security intelligence events. How Is this information collected in a single report?

A. Generate a malware report.

B. Create a Custom report.

C. Run the default Firepower report.

D. Export the Attacks Risk report.

正解：B 解答を投票する

出題：3

When do you need the file-size command option during troubleshooting with packet capture?

A. when capture packets exceed 32 MB

B. when capture packets exceed 10 GB

C. when capture packets are restricted from the secondary memory

D. when capture packets are less than 16 MB

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A VPN administrator converted an instance of Cisco Secure Firewall Threat Defense, which is managed by Cisco Secure Firewall Management Center, from using LDAP to LDAPS for remote access VPN authentication. Which certificate must be added to allow for remote users to authenticate over the VPN?

A. LDAPS server certificate must be added to Secure Firewall Threat Defense

B. LDAPS server certificate must be added to Secure Firewall Management Center realms

C. Secure Firewall Threat Defense certificate must be added to the LDAPS server

D. Secure Firewall Management Center certificate must be added to the LDAPS server

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

A security engineer must add a new policy to block UDP traffic to one server. The engineer adds a new object. Which action must the engineer take next to identify all the UDP ports?

A. Add the corresponding IP protocol number for UDP and TCP.

B. Add the transport number and specify the type and code.

C. Specify the transport protocol and leave the port number empty.

D. Define the transport protocol and the mandatory port range.

正解：C 解答を投票する

出題：6

An engineer is configuring a custom intrusion rule on Cisco FMC. The engineer needs the rule to search the payload or stream for the string "|44 78 97 13 2 0A|". Which keyword must the engineer use with this string to create an argument for packet inspection?

A. metadata

B. protected_content

C. content

D. data

正解：C 解答を投票する

出題：7

An engineer is investigating connectivity problems on Cisco Firepower for a specific SGT. Which command allows the engineer to capture real packets that pass through the firewall using an SGT of 64?

A. capture CAP headers-only type inline-tag 64 match ip any any

B. capture CAP match 64 type inline-tag ip any any

C. capture CAP buffer 64 match ip any any

D. capture CAP type inline-tag 64 match ip any any

正解：D 解答を投票する

出題：8

A security engineer sees an alert on Cisco Secure Endpoint console showing a malicious verdict for a file with the SHA-256 hash
0488537078abcdef048853abcdef048853abcdef048853abcdef048853abcdef048853. Which step will mitigate this threat?

A. Add the hash to network block list.

B. Enable firewall on infected endpoint.

C. Add the hash to custom detection list.

D. Quarantine the file on endpoint.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

An engineer is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of ACME001 and a password of Cisco388267669.
Which command set must be used in order to accomplish this?

A. configure manager add DONTRESOLVE <FMC IP> AMCE001 <registration key>

B. configure manager add ACME001 <registration key> <FMC IP>

C. configure manager add <FMC IP> ACME0O1 <registration key>

D. configure manager add <FMC IP> registration key> ACME001

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

What is the RTC workflow when the infected endpoint is identified?

A. Cisco FMC instructs Cisco ISE to contain the infected endpoint.

B. Cisco AMP instructs Cisco FMC to contain the infected endpoint.

C. Cisco ISE instructs Cisco AMP to contain the infected endpoint.

D. Cisco ISE instructs Cisco FMC to contain the infected endpoint.

正解：A 解答を投票する

出題：11

Which interface type allows packets to be dropped?

A. inline

B. ERSPAN

C. TAP

D. passive

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

When using Cisco AMP for Networks, which feature copies a file to the Cisco AMP cloud for analysis?

A. malware analysis

B. Spero analysis

C. dynamic analysis

D. sandbox analysis

正解：C 解答を投票する

出題：13

A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that traffic is reaching the server, but the client is not getting a response.
Which step must be taken to resolve this issue without initiating traffic from the client?

A. Use packet capture to ensure that traffic is not being blocked by an access list.

B. Use packet capture to validate that the packet passes through the firewall and is NATed to the corrected IP address.

C. Use packet-tracer to ensure that traffic is not being blocked by an access list.

D. Use packet-tracer to validate that the packet passes through the firewall and is NATed to the corrected IP address.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

An administrator Is setting up a Cisco PMC and must provide expert mode access for a security engineer. The engineer Is permitted to use only a secured out-of-band network workstation with a static IP address to access the Cisco FMC. What must be configured to enable this access?

A. Enable SSH and define an access list.

B. Enable HTTPS and SNMP under the Access List section.

C. Enable SCP under the Access List section.

D. Enable HTTP and define an access list.

正解：A 解答を投票する

300-710試験無料問題集「Cisco Securing Networks with Cisco Firepower 認定」