CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-710

Free 300-710 Exam Braindumps (page: 29)

Page 29 of 66
PDF with 325 Questions

An organization wants to secure traffic from their branch office to the headquarter building using Cisco Firepower devices, They want to ensure that their Cisco Firepower devices are not wasting resources on inspecting the VPN traffic.
What must be done to meet these requirements?

  1. Configure the Cisco Firepower devices to ignore the VPN traffic using prefilter policies
  2. Enable a flexconfig policy to re-classify VPN traffic so that it no longer appears as interesting traffic
  3. Configure the Cisco Firepower devices to bypass the access control policies for VPN traffic.
  4. Tune the intrusion policies in order to allow the VPN traffic through without inspection

Answer(s): B



An organization has implemented Cisco Firepower without IPS capabilities and now wants to enable inspection for their traffic. They need to be able to detect protocol anomalies and utilize the Snort rule sets to detect malicious behaviour. How is this accomplished?

  1. Modify the access control policy to redirect interesting traffic to the engine
  2. Modify the network discovery policy to detect new hosts to inspect
  3. Modify the network analysis policy to process the packets for inspection
  4. Modify the intrusion policy to determine the minimum severity of an event to inspect.

Answer(s): D



Refer to the exhibit.



An organization has an access control rule with the intention of sending all social media traffic for inspection After using the rule for some time, the administrator notices that the traffic is not being inspected, but is being automatically allowed.
What must be done to address this issue?

  1. Modify the selected application within the rule
  2. Change the intrusion policy to connectivity over security.
  3. Modify the rule action from trust to allow
  4. Add the social network URLs to the block list

Answer(s): A



Which feature within the Cisco FMC web interface allows for detecting, analyzing and blocking malware in network traffic?

  1. intrusion and file events
  2. Cisco AMP for Endpoints
  3. Cisco AMP for Networks
  4. file policies

Answer(s): C



Page 29 of 66



Post your Comments and Discuss Cisco® 300-710 exam with other Community members:

Neo commented on October 10, 2024
Gets easier as you go along
SOUTH AFRICA
upvote

Neo commented on October 10, 2024
Need more practice
SOUTH AFRICA
upvote

Violet commented on October 10, 2024
Need more practice
SOUTH AFRICA
upvote

Neo commented on October 10, 2024
Challenging
SOUTH AFRICA
upvote

Kopano commented on October 10, 2024
Prep going well
SOUTH AFRICA
upvote

Neo commented on October 10, 2024
Happy with the material
SOUTH AFRICA
upvote

Emily commented on October 09, 2024
A bit challe
SOUTH AFRICA
upvote

Emily commented on October 09, 2024
grt resource
SOUTH AFRICA
upvote