Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

300-710Free trial

By cisco

Verified

25Q per page

Question 26

What is a valid Cisco AMP file disposition?

A: non-malicious
B: malware
C: known-good
D: pristine

—

Question 27

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

A: unavailable
B: unknown
C: clean
D: disconnected

—

Question 28

Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

A: dynamic null route configured
B: DHCP pool disablement
C: quarantine
D: port shutdown
E: host shutdown

—

Question 29

Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

A: pxGrid
B: FTD RTC
C: FMC RTC
D: ISEGrid

—

Question 30

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

A: SHA-1024
B: SHA-4096
C: SHA-512
D: SHA-256

—

Question 31

What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?

A: Firepower devices do not need to be connected to the Internet.
B: An on-premises proxy server does not need to set up and maintained.
C: All types of Firepower devices are supported.
D: Supports all devices that are running supported versions of Firepower

—

Question 32

What are two application layer preprocessors? (Choose two.)

A: CIFS
B: IMAP
C: SSL
D: DNP3
E: ICMP

—

Question 33

Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?

A: apex
B: plus
C: base
D: mobility

—

Question 34

What is a feature of Cisco AMP private cloud?

A: It disables direct connections to the public cloud.
B: It supports security intelligence filtering.
C: It support anonymized retrieval of threat intelligence.
D: It performs dynamic analysis.

—

Question 35

Which feature within the Cisco FMC web interface allows for detecting, analyzing, and blocking malware in network traffic?

A: intrusion and file events
B: Cisco AMP for Networks
C: file policies
D: Cisco AMP for Endpoints

—

Question 36

A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisco FMC generated an alert for the malware event, however the user still remained connected. Which Cisco AMP file rule action within the Cisco FMC must be set to resolve this issue?

A: Malware Cloud Lookup
B: Reset Connection
C: Detect Files
D: Local Malware Analysis

—

Question 37

An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this file lookup? (Choose two.)

A: The Cisco FMC needs to include a SSL decryption policy.
B: The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.
C: The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.
D: The Cisco FMC needs to connect with the FireAMP Cloud.
E: The Cisco FMC needs to include a file inspection policy for malware lookup.

—

Question 38

A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detection. Which action should be taken to accomplish this goal?

A: Enable Rapid Threat Containment using REST APIs.
B: Enable Rapid Threat Containment using STIX and TAXII.
C: Enable Threat Intelligence Director using REST APIs.
D: Enable Threat Intelligence Director using STIX and TAXII.

—

Question 39

A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?

A: Add the hash to the simple custom detection list
B: Use regular expressions to block the malicious file
C: Enable a personal firewall in the infected endpoint
D: Add the hash from the infected endpoint to the network block list

—

Question 40

A network administrator is concerned about the high number of malware files affecting users' machines. What must be done within the access control policy in
Cisco FMC to address this concern?

A: Create an intrusion policy and set the access control policy to block
B: Create an intrusion policy and set the access control policy to allow
C: Create a file policy and set the access control policy to allow
D: Create a file policy and set the access control policy to block

—

Question 41

Within an organization’s high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?

A: redundant interfaces
B: span EtherChannel clustering
C: high availability active/standby firewalls
D: multi-instance firewalls

—

Question 42

An engineer is implementing Cisco FTD in the network and is determining which Firepower mode to use. The organization needs to have multiple virtual
Firepower devices working separately inside of the FTD appliance to provide traffic segmentation. Which deployment mode should be configured in the Cisco
Firepower Management Console to support these requirements?

A: multi-instance
B: multiple deployment
C: single deployment
D: single-context

—

Question 43

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A: Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC
B: Shut down the active Cisco FTD device before powering up the replacement unit
C: Shut down the Cisco FMC before powering up the replacement unit
D: Unregister the faulty Cisco FTD device from the Cisco FMC

—

Question 44

A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?

A: high availability clustering
B: active/active failover
C: transparent
D: routed

—

Question 45

An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?

A: Configure a container instance in the Cisco FTD for each context in the Cisco ASA.
B: Add the Cisco FTD device to the Cisco ASA port channels.
C: Configure the Cisco FTD to use port channels spanning multiple networks.
D: Add a native instance to distribute traffic to each Cisco FTD context.

—

Question 46

An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the Internet. Which configuration will meet this requirement?

A: transparent firewall mode with IRB only
B: routed firewall mode with BVI and routed interfaces
C: transparent firewall mode with multiple BVIs
D: routed firewall mode with routed interfaces only

—

Question 47

A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?

A: failsafe
B: inline tap
C: promiscuous
D: bypass

—

Question 48

A network administrator is implementing an active/passive high availability Cisco FTD pair. When adding the high availability pair, the administrator cannot select the secondary peer. What is the cause?

A: The second Cisco FTD is not the same model as the primary Cisco FTD.
B: An high availability license must be added to the Cisco FMC before adding the high availability pair.
C: The failover link must be defined on each Cisco FTD before adding the high availability pair.
D: Both Cisco FTD devices are not at the same software version.

—

Question 49

An administrator is configuring their transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port, but the Cisco FTD is not processing the traffic. What is the problem?

A: The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.
B: The switches were not set up with a monitor session ID that matches the flow ID defined on the Cisco FTD.
C: The Cisco FTD must be in routed mode to process ERSPAN traffic.
D: The Cisco FTD must be configured with an ERSPAN port not a passive port.

—

Question 50

What is an advantage of adding multiple inline interface pairs to the same inline interface set when deploying an asynchronous routing configuration?

A: Allows the IPS to identify inbound and outbound traffic as part of the same traffic flow.
B: The interfaces disable autonegotiation and interface speed is hard coded set to 1000 Mbps.
C: Allows traffic inspection to continue without interruption during the Snort process restart.
D: The interfaces are automatically configured as a media-independent interface crossover.

—

Page 2 of 14 • Questions 26-50 of 329

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!