300-710 Free Practice Test

- (Exam Topic 3)
What is a functionality of port objects in Cisco FMC?

1. A. to mix transport protocols when setting both source and destination port conditions in a rule
2. B. to represent protocols other than TCP, UDP, and ICMP
3. C. to represent all protocols in the same way
4. D. to add any protocol other than TCP or UDP for source port conditions in access control rules.

Correct Answer: B
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/reusable_objects.html

- (Exam Topic 5)
Refer to the exhibit.

What must be done to fix access to this website while preventing the same communication to all other websites?

1. A. Create an intrusion policy rule to have Snort allow port 80 to only 172.1.1 50.
2. B. Create an access control policy rule to allow port 80 to only 172.1.1 50.
3. C. Create an intrusion policy rule to have Snort allow port 443 to only 172.1.1.50
4. D. Create an access control policy rule to allow port 443 to only 172.1.1 50

Correct Answer: B

- (Exam Topic 5)
An engineer is configuring Cisco FMC and wants to limit the time allowed for processing packets through the interface However if the time is exceeded the configuration must allow packets to bypass detection What must be configured on the Cisco FMC to accomplish this task?

1. A. Fast-Path Rules Bypass
2. B. Cisco ISE Security Group Tag
3. C. Inspect Local Traffic Bypass
4. D. Automatic Application Bypass

Correct Answer: D

- (Exam Topic 5)
An engineer must investigate a connectivity issue and decides to use the packet capture feature on Cisco FTD. The goal is to see the real packet going through the Cisco FTD device and see the Snort detection actions as a part of the output. After the capture-traffic command is issued, only the packets are displayed. Which action resolves this issue?

1. A. Use the verbose option as a part of the capture-traffic command
2. B. Use the capture command and specify the trace option to get the required information.
3. C. Specify the trace using the -T option after the capture-traffic command.
4. D. Perform the trace within the Cisco FMC GUI instead of the Cisco FTD CLI.

Correct Answer: B

- (Exam Topic 5)
Refer to the exhibit.

An administrator is looking at some of the reporting capabilities for Cisco Firepower and noticed this section of the Network Risk report showing a lot of SSL activity that cloud be used for evasion. Which action will mitigate this risk?

1. A. Use SSL decryption to analyze the packets.
2. B. Use encrypted traffic analytics to detect attacks
3. C. Use Cisco AMP for Endpoints to block all SSL connection
4. D. Use Cisco Tetration to track SSL connections to servers.

Correct Answer: A