Which action must be taken on the Cisco FMC when a packet bypass is configured in case the Snort engine is down or a packet takes too long to process?
A. Enable Automatic Application Bypass.
B. Add a Bypass Threshold policy for failures.
C. Configure Fastpath rules to bypass inspection.
D. Enable Inspect Local Router Traffic.
An engineer is configuring multiple Cisco FTD appliances for use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with interfaces across multiple devices?
A. Two security zones can contain the same interface.
B. Interface groups can contain interfaces from many devices.
C. An interface cannot belong to a security zone and an interface group.
D. Interface groups can contain multiple interface types.
An organization is configuring a new Cisco Firepower High Availability deployment. Which action must be taken to ensure that failover is as seamless as possible to end users?
A. Set the same FQDN for both chassis.
B. Set up a virtual failover MAC address between chassis.
C. Load the same software version on both chassis.
D. Use a dedicated stateful link between chassis.
A Cisco FMC administrator wants to configure fastpathing of trusted network traffic to increase performance. In which type of policy would the administrator configure this feature?
A. Network Analysis policy
B. Identity policy
C. Prefilter policy
D. Intrusion policy
An engineer is creating an URL object on Cisco FMC. How must it be configured so that the object will match for HTTPS traffic in an access control policy?
A. Specify the protocol to match (HTTP or HTTPS).
B. Use the FQDN including the subdomain for the website.
C. Use the subject common name from the website certificate.
D. Define the path to the individual webpage that uses HTTPS.
A network administrator has converted a Cisco FTD from using LDAP to LDAPS for VPN authentication. The Cisco FMC can connect to the LDAPS server, but the Cisco FTD is not connecting. Which configuration must be enabled on the Cisco FTD?
A. SSL must be set to a use TLSv1.2 or lower.
B. The LDAPS must be allowed through the access control policy.
C. DNS servers must be defined for name resolution.
D. The RADIUS server must be defined.
An engineer must configure the firewall to monitor traffic within a single subnet without increasing the hop count of that traffic. How would the engineer achieve this?
A. Configure Cisco Firepower as a transparent firewall.
B. Set up Cisco Firepower as managed by Cisco FDM.
C. Configure Cisco Firepower in FXOS monitor only mode.
D. Set up Cisco Firepower in intrusion prevention mode.
Which firewall design will allow it to forward traffic at layers 2 and 3 for the same subnet?
A. routed mode
B. Cisco Firepower Threat Defense mode
C. transparent mode
D. integrated routing and bridging
What is the RTC workflow when the infected endpoint is identified?
A. Cisco ISE instructs Cisco AMP to contain the infected endpoint.
B. Cisco ISE instructs Cisco FMC to contain the infected endpoint.
C. Cisco AMP instructs Cisco FMC to contain the infected endpoint.
D. Cisco FMC instructs Cisco ISE to contain the infected endpoint.
A network administrator is trying to convert from LDAP to LDAPS for VPN user authentication on a Cisco FTD. Which action must be taken on the Cisco FTD objects to accomplish this task?
A. Add a Key Chain object to acquire the LDAPS certificate.
B. Create a Certificate Enrollment object to get the LDAPS certificate needed.
C. Identify the LDAPS cipher suite and use a Cipher Suite List object to define the Cisco FTD connection requirements.
D. Modify the Policy List object to define the session requirements for LDAPS.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-710 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.