300-710認定の有効な試験問題集解答学習ガイド!(最新の324問題)
300-710問題集で時間限定!無料アクセスせよ
Cisco 300-710 (Securing Networks with Cisco Firepower) 認定試験は、Cisco Firepower Next-Generation Firewall (NGFW) ソリューションを実装および管理するために必要な知識とスキルを検証するプロフェッショナルレベルの試験です。この試験は、セキュリティプロフェッショナル、ネットワークエンジニア、およびネットワーク管理者を対象に設計されており、Cisco Firepower NGFW を使用してセキュリティポリシーを実装および管理する責任がある人々に適しています。
質問 # 161
Which Cisco Firepower rule action displays an HTTP warning page?
- A. Allow with Warning
- B. Interactive Block
- C. Block
- D. Monitor
正解:B
解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System- UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698
質問 # 162
An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a copy of the original corporate policy is available if the primary Cisco FMC fails?
- A. Restore the primary Cisco FMC backup configuration to the secondary Cisco FMC device when the primary device fails
- B. Connect the primary and secondary Cisco FMC devices with Category 6 cables of not more than 10 meters in length.
- C. Configure high-availability in both the primary and secondary Cisco FMCs
- D. Place the active Cisco FMC device on the same trusted management network as the standby device
正解:A
質問 # 163
What is a functionality of port objects in Cisco FMC?
- A. to represent all protocols in the same way
- B. to mix transport protocols when setting both source and destination port conditions in a rule
- C. to add any protocol other than TCP or UDP for source port conditions in access control rules.
- D. to represent protocols other than TCP, UDP, and ICMP
正解:D
解説:
Section: Management and Troubleshooting
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/reusable_objects.html
質問 # 164
What is a functionality of port objects in Cisco FMC?
- A. to represent all protocols in the same way
- B. to mix transport protocols when setting both source and destination port conditions in a rule
- C. to add any protocol other than TCP or UDP for source port conditions in access control rules.
- D. to represent protocols other than TCP, UDP, and ICMP
正解:D
解説:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/reusable_objects.html
質問 # 165
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.
正解:
解説:
質問 # 166
Encrypted Visibility Engine (EVE) is enabled under which lab on an access control policy in Cisco Secure Firewall Management Centre?
- A. Advanced
- B. Network Analysis Policy
- C. Security Intelligence
- D. SSL
正解:D
解説:
The Encrypted Visibility Engine (EVE) in Cisco Secure Firewall Management Center is enabled under the SSL tab of an access control policy. EVE provides visibility into encrypted traffic, allowing the firewall to detect threats even when traffic is encrypted.
Steps to enable EVE:
* Navigate to the access control policy in FMC.
* Go to the SSL tab.
* Enable Encrypted Visibility Engine (EVE) to analyze encrypted traffic.
This configuration helps in identifying and mitigating threats within encrypted traffic without the need for full decryption.
References: Cisco Secure Firewall Management Center Configuration Guide, Chapter on SSL and Encrypted Traffic Visibility.
質問 # 167
An engineer is configuring URL filtering tor a Cisco Secure Firewall Threat Defense device in Cisco Secure Firewall Management Centre. Use's must receive a warning when they access
..wwww badaduitsito com with the option of continuing to the website if they choose to No other websites should he blocked. Which two actions must the engineer take to moot these requirements?
- A. On the HTTP Responses tab of the access control policy editor, set the Interactive Block Response Page to System-provided.
- B. Configure the default action for the access control policy to Interactive Block.
- C. Configure an access control rule that matches the Adult URL category and sot the action to Interactive Block
- D. On the HTTP Responses tab of the access control policy editor set the Block Response Page to Custom.
- E. Configure
an access control rule that matches an URL object for http://www.Dadadullsile.com
' and set the action to Interactive Block.
正解:A、E
解説:
To configure URL filtering such that users receive a warning when they access a specific website (e.g.,
http://www.badadultsite.com) and have the option to continue to the site, the engineer needs to perform the following actions:
* Configure an access control rule:
* Create a URL object for http://www.badadultsite.com.
* Set the action for this URL object to "Interactive Block," which prompts the user with a warning and allows them to proceed if they choose to.
* Set the Interactive Block Response Page:
* Navigate to the HTTP Responses tab in the access control policy editor.
* Set the Interactive Block Response Page to "System-provided" to ensure that users see the default warning page provided by Cisco Secure Firewall Management Center.
These actions ensure that only the specified website triggers an interactive block, while other websites are not blocked.
References: Cisco Secure Firewall Management Center Administrator Guide, Chapter on Access Control and URL Filtering.
質問 # 168
An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering. What must be done to troubleshoot the issue and restore access without sacrificing the organization's security posture?
- A. Identify the blocked traffic in the Cisco FMC connection events to validate the block, and modify the policy to allow the traffic to the web server.
- B. Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.
- C. Download a PCAP of the traffic attempts to verify the blocks and use the flexconfig objects to create a rule that allows only the required traffic to the destination server.
- D. Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.
正解:B
質問 # 169
An engainer must add DNS-specific rules to me Cisco FTD intrusion policy. The engineer wants to use the rules currently in the Cisco FTD Snort database that are not already enabled but does not want to enable more than are needed. Which action meets these requirements?
- A. Change the dynamic state of the rule within the policy.
- B. Change the rules using the Generate and Use Recommendations feature.
- C. Change the base policy to Security over Connectivity.
- D. Change the rule state within the policy being used.
正解:D
質問 # 170
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to support?
- A. routed
- B. high availability clustering
- C. transparent
- D. active/active failover
正解:C
質問 # 171
What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?
- A. All types of Cisco Firepower devices are supported.
- B. An on-premises proxy server does not need to be set up and maintained.
- C. Supports all devices that are running supported versions of Cisco Firepower.
- D. Cisco Firepower devices do not need to be connected to the Internet.
正解:B
質問 # 172
An engineer must configure a Cisco FMC dashboard in a multidomain deployment Which action must the engineer take to edit a report template from an ancestor domain?
- A. Assign themselves ownership of it
- B. Copy it to the current domain
- C. Add it as a separate widget.
- D. Change the document attributes.
正解:B
質問 # 173
Which protocol establishes network redundancy in a switched Firepower device deployment?
- A. STP
- B. HSRP
- C. VRRP
- D. GLBP
正解:A
解説:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/firepower_threat_defense_high_availability.html
質問 # 174
What are two application layer preprocessors? (Choose two.)
- A. ICMP
- B. DNP3
- C. CIFS
- D. IMAP
- E. SSL
正解:D、E
解説:
Section: Deployment
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Application_Layer_Preprocessors.html
質問 # 175
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?
- A. propagate link state
- B. TAP mode
- C. strict TCP enforcement
- D. transparent inline mode
正解:A
質問 # 176
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)
- A. The units must be the same model.
- B. The units must be different models if they are part of the same series.
- C. The units must be the same version
- D. Both devices can be part of a different group that must be in the same domain when configured within the FMC.
- E. The units must be configured only for firewall routed mode.
正解:A、C
質問 # 177
Which protocol establishes network redundancy in a switched Firepower device deployment?
- A. STP
- B. HSRP
- C. VRRP
- D. GLBP
正解:A
質問 # 178
A network administrator is reviewing a monthly advanced malware risk report and notices a host that Is listed as CnC Connected. Where must the administrator look within Cisco FMC to further determine if this host is infected with malware?
- A. Analysis > Hosts > Host Attributes
- B. Analysts > Files > Malware Events
- C. Analysis > Hosts > indications of Compromise
- D. Analysis > Flies > Network File Trajectory
正解:C
解説:
Explanation
To determine if a host is infected with malware, the network administrator can look at the Indications of Compromise (IOC) feature in Cisco FMC. The IOC feature analyzes network and endpoint data collected by Firepower sensors and AMP for Endpoints connectors, and identifies hosts that exhibit signs of compromise or infection. The IOC feature uses predefined rules based on Cisco Talos intelligence and other sources to detect IOCs on hosts. One of these rules is CnC Connected, which indicates that a host has communicated with a command-and-control (CnC) server that is known to be associated with malware activity2.
To view the IOC information for a host, the network administrator can navigate to Analysis > Hosts > Indications of Compromise in Cisco FMC, and select a host from the table. The IOC Details page will show the IOC events for that host, including the CnC Connected event, along with other information such as severity, timestamp, source, destination, protocol, and rule name. The network administrator can also view more details about each IOC event by clicking on it2.
The other options are incorrect because:
Analysis > Files > Malware Events shows information about files that have been detected as malware by Firepower sensors or AMP for Endpoints connectors. This does not show information about hosts that are infected with malware or have communicated with CnC servers3.
Analysis > Hosts > Host Attributes shows information about hosts that have been discovered by Firepower sensors, such as IP address, MAC address, operating system, applications, users, vulnerabilities, and so on. This does not show information about IOCs or CnC connections on hosts4.
Analysis > Files > Network File Trajectory shows information about files that have traversed your network and have been detected by Firepower sensors or AMP for Endpoints connectors. This allows you to track where a file came from, where it went, and what happened to it along the way. This does not show information about hosts that are infected with malware or have communicated with CnC servers5.
質問 # 179
......
Cisco 300-710(Securing Networks with Cisco Firepower)認定試験は、Cisco Firepower Next-Generation Firewall(NGFW)およびCisco Firepower Management Center(FMC)の実装とトラブルシューティングに関する知識とスキルを評価するために設計されています。認定試験は、Cisco Firepower NGFWおよびFMCを使用したネットワークセキュリティの専門家を対象としており、ネットワークセキュリティソリューションの設計、実装、およびトラブルシューティングに責任を持っている人々を対象としています。
Cisco 300-710認定試験は、Cisco Firepowerでネットワークを保護することとも呼ばれますが、Cisco Firepowerテクノロジーを使用してネットワークインフラストラクチャを保護する際にIT専門家の知識とスキルをテストするように設計されています。この試験では、Cisco Firpower Next-Generation Firewall(NGFW)およびCisco Firepower Management Center(FMC)の実装、構成、および管理に焦点を当てています。
Cisco 300-710試験実践テスト問題:https://jp.fast2test.com/300-710-premium-file.html
300-710問題集で2024年最新のCisco 300-710試験問題:https://drive.google.com/open?id=1ELuILUkpPy5x-yXD82UVNdYvND8jOc-T