Try Before You Buy

Download a free sample of any of our exam questions and answers

  • 24/7 customer support, Secure shopping site
  • Free One year updates to match real exam scenarios
  • If you failed your exam after buying our products we will refund the full amount back to you.
Free Download
  • Home
  • Articles
  • 300-710 Practice Exam Tests Latest Updated on Sep-2021 [Q25-Q48]

300-710 Practice Exam Tests Latest Updated on Sep-2021 [Q25-Q48]

Share

300-710 Practice Exam Tests Latest Updated on Sep-2021

Pass 300-710 Exam in First Attempt Guaranteed Dumps!

NEW QUESTION 25
A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detection Which action should be taken to accomplish this goal?

  • A. Enable Rapid Threat Containment using REST APIs
  • B. Enable Threat Intelligence Director using STIX and TAXII
  • C. Enable Rapid Threat Containment using STIX and TAXII
  • D. Enable Threat Intelligence Director using REST APIs

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/cisco_threat_intelligence_director__tid_.html

 

NEW QUESTION 26
Which two packet captures does the FTD LINA engine support? (Choose two.)

  • A. Layer 7 network ID
  • B. dynamic firewall importing
  • C. application ID
  • D. source IP
  • E. protocol

Answer: D,E

 

NEW QUESTION 27
Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

  • A. BDI
  • B. IRB
  • C. SGT
  • D. FlexConfig

Answer: B

Explanation:
Section: Configuration
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/ Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html

 

NEW QUESTION 28
An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?

  • A. Change the method to TCP/SYN.
  • B. Increase the number of entries on the NAT device.
  • C. Exclude load balancers and NAT devices.
  • D. Leave default networks.

Answer: C

 

NEW QUESTION 29
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

  • A. They can block traffic based on Security Intelligence data.
  • B. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
  • C. File policies use an associated variable set to perform intrusion prevention.
  • D. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
  • E. The system performs intrusion inspection followed by file inspection.

Answer: A,B

 

NEW QUESTION 30
What is a behavior of a Cisco FMC database purge?

  • A. The specified data is removed from Cisco FMC and kept for two weeks.
  • B. User login and history data are removed from the database if the User Activity check box is selected.
  • C. The appropriate process is restarted.
  • D. Data can be recovered from the device.

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/management_center_database_purge.pdf

 

NEW QUESTION 31
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

  • A. configure coredump packet-engine enable
  • B. capture WORD
  • C. capture
  • D. capture-traffic

Answer: D

 

NEW QUESTION 32
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

  • A. BGPv4 in transparent firewall mode
  • B. ECMP with up to three equal cost paths across a single interface
  • C. ECMP with up to three equal cost paths across multiple interfaces
  • D. BGPv6
  • E. BGPv4 with nonstop forwarding

Answer: B,D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/fpmc-config-guide-v60_chapter_01100011.html#ID-2101-0000000e

 

NEW QUESTION 33
A network engineer is receiving reports of users randomly getting disconnected from their corporate applications which traverses the data center FTD appliance Network monitoring tools show that the FTD appliance utilization is peaking above 90% of total capacity. What must be done in order to further analyze this issue?

  • A. Use the Packet Capture feature to collect real-time network traffic
  • B. Use the Packet Tracer feature for traffic policy analysis
  • C. Use the Packet Analysis feature for capturing network data
  • D. Use the Packet Export feature to save data onto external drives

Answer: A

 

NEW QUESTION 34
Network traffic coining from an organization's CEO must never be denied. Which access control policy configuration option should be used if the deployment engineer is not permitted to create a rule to allow all traffic?

  • A. Change the intrusion policy from security to balance.
  • B. Configure a trust policy for the CEO.
  • C. Create a NAT policy just for the CEO.
  • D. Configure firewall bypass.

Answer: B

 

NEW QUESTION 35
Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?

  • A. configure high-availability resume
  • B. system support network-options
  • C. configure high-availability suspend
  • D. configure high-availability disable

Answer: D

 

NEW QUESTION 36
Refer to the exhibit.

And engineer is analyzing the Attacks Risk Report and finds that there are over 300 instances of new operating systems being seen on the network How is the Firepower configuration updated to protect these new operating systems?

  • A. The administrator requests a Remediation Recommendation Report from Cisco Firepower
  • B. The administrator manually updates the policies.
  • C. Cisco Firepower gives recommendations to update the policies.
  • D. Cisco Firepower automatically updates the policies.

Answer: C

Explanation:
Explanation
Ref:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Tailori

 

NEW QUESTION 37
Which interface type allows packets to be dropped?

  • A. ERSPAN
  • B. inline
  • C. passive
  • D. TAP

Answer: B

 

NEW QUESTION 38
A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)

  • A. inbound port TCP/80
  • B. outbound port TCP/80
  • C. outbound port TCP/8080
  • D. outbound port TCP/443
  • E. inbound port TCP/443

Answer: B,D

 

NEW QUESTION 39
What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/system_configuration.html

 

NEW QUESTION 40
An organization is setting up two new Cisco FTD devices to replace their current firewalls and cannot have any network downtime During the setup process, the synchronization between the two devices is failing What action is needed to resolve this issue?

  • A. Confirm that both devices have the same flash memory sizes
  • B. Confirm that both devices are configured with the same types of interfaces
  • C. Confirm that both devices have the same port-channel numbering
  • D. Confirm that both devices are running the same software version

Answer: D

 

NEW QUESTION 41
What is a behavior of a Cisco FMC database purge?

  • A. The specified data is removed from Cisco FMC and kept for two weeks.
  • B. User login and history data are removed from the database if the User Activity check box is selected.
  • C. The appropriate process is restarted.
  • D. Data can be recovered from the device.

Answer: C

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/management_center_database_purge.pdf

 

NEW QUESTION 42
When creating a report template, how can the results be limited to show only the activity of a specific subnet?

  • A. Create a custom search in Firepower Management Center and select it in each section of the report.
  • B. Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.
  • C. Add a Table View section to the report with the Search field defined as the network in CIDR format.
  • D. Select IP Address as the X-Axis in each section of the report.

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/Reports.html#87267

 

NEW QUESTION 43
Which two routing options are valid with Cisco FTD? (Choose Two)

  • A. BGPv4 in transparent firewall mode
  • B. ECMP with up to three equal cost paths across a single interface
  • C. ECMP with up to three equal cost paths across multiple interfaces
  • D. BGPv6
  • E. BGPv4 with nonstop forwarding

Answer: B,D

 

NEW QUESTION 44
An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity. When traffic is received by the Cisco IRS, if it is not dropped, how does the traffic get to its destination?

  • A. It is retransmitted from the Cisco IPS inline set.
  • B. The packets are duplicated and a copy is sent to the destination.
  • C. It is routed back to the Cisco ASA interfaces for transmission.
  • D. It is transmitted out of the Cisco IPS outside interface.

Answer: C

 

NEW QUESTION 45
What is the result a specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

  • A. The rate-limiting rule is disabled.
  • B. The system rate-limits all traffic.
  • C. The system repeatedly generates warnings.
  • D. Matching traffic is not rate limited.

Answer: D

Explanation:
Section: Configuration
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/quality_of_service_qos.pdf

 

NEW QUESTION 46
A network administrator notices that inspection has been interrupted on all non-managed interfaces of a device. What is the cause of this?

  • A. A passive interface was associated with a security zone.
  • B. The value of the highest MTU assigned to any non-management interface was changed.
  • C. The value of the highest MSS assigned to any non-management interface was changed.
  • D. Multiple inline interface pairs were added to the same inline interface.

Answer: B

 

NEW QUESTION 47
An engineer currently has a Cisco FTD device registered to the Cisco FMC and is assigned the address of 10 10.50.12. The organization is upgrading the addressing schemes and there is a requirement to convert the addresses to a format that provides an adequate amount of addresses on the network What should the engineer do to ensure that the new addressing takes effect and can be used for the Cisco FTD to Cisco FMC connection?

  • A. Delete and reregister the device to Cisco FMC
  • B. Update the IP addresses from IFV4 to IPv6 without deleting the device from Cisco FMC
  • C. Format and reregister the device to Cisco FMC.
  • D. Cisco FMC does not support devices that use IPv4 IP addresses.

Answer: A

 

NEW QUESTION 48
......

CCNP Security  Free Certification Exam Material from BraindumpsIT with 145 Questions: https://www.braindumpsit.com/300-710_real-exam.html

300-710 Dumps Full Questions - Exam Study Guide: https://drive.google.com/open?id=1eGZ6HukMSX7wrUEbDL6qcePypAjyk4Ha

Related Articles

more
Cisco 300-710 Certification Practice Exam

The passing rate of BraindumpsIT braindumps pdf is about 98%~100% for all IT certification examinations. BraindumpsIT braindumps pdf helps you pass exam for sure.

Latest Pass Braindumps Exam

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 BraindumpsIT NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimer:
BraindumpsIT doesn't offer Real SAP Exam Questions. The site is in no way affiliated with SAP SE.
Oracle and Java are registered trademarks of Oracle and/or its affiliates
BraindumpsIT material do not contain actual actual Oracle Exam Questions or material.
BraindumpsIT doesn't offer Real Microsoft Exam Questions.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation
BraindumpsIT Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
BraindumpsIT.com does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. BraindumpsIT does not own or claim any ownership on any of the brands.