Cisco® 300-710 Exam Practice Questions (P. 1)
- Full Access (343 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
What is a result of enabling Cisco FTD clustering?
- AFor the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.
- BIntegrated Routing and Bridging is supported on the master unit.
- CSite-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.Most Voted
- DAll Firepower appliances support Cisco FTD clustering.
Correct Answer:
C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ clustering_for_the_firepower_threat_defense.html
C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ clustering_for_the_firepower_threat_defense.html
send
light_mode
delete
Question #2
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)
- AThe units must be the same versionMost Voted
- BBoth devices can be part of a different group that must be in the same domain when configured within the FMC.
- CThe units must be different models if they are part of the same series.
- DThe units must be configured only for firewall routed mode.
- EThe units must be the same model.Most Voted
Correct Answer:
AE
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html
AE
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html
send
light_mode
delete
Question #3
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?
- Atransparent inline mode
- BTAP modeMost Voted
- Cstrict TCP enforcement
- Dpropagate link state
Correct Answer:
D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ inline_sets_and_passive_interfaces_for_firepower_threat_defense.html
D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ inline_sets_and_passive_interfaces_for_firepower_threat_defense.html
send
light_mode
delete
Question #4
What are the minimum requirements to deploy a managed device inline?
- Ainline interfaces, security zones, MTU, and mode
- Bpassive interface, MTU, and mode
- Cinline interfaces, MTU, and modeMost Voted
- Dpassive interface, security zone, MTU, and mode
Correct Answer:
C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/ ips_device_deployments_and_configuration.html
C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/ ips_device_deployments_and_configuration.html
send
light_mode
delete
Question #5
What is the difference between inline and inline tap on Cisco Firepower?
- AInline tap mode can send a copy of the traffic to another device.
- BInline tap mode does full packet capture.
- CInline mode cannot do SSL decryption.
- DInline mode can drop malicious traffic.Most Voted
Correct Answer:
D
D

Inline mode actively participates in the traffic flow, allowing Cisco Firepower to not only monitor but also to take action, such as dropping malicious packets based on configured security policies and rules. In contrast, inline tap only monitors and analyzes the traffic by sending a copy to the inspection engine, but it does not have the capability to block or alter the actual traffic flow itself. Thus, inline mode's ability to directly intervene and enforce security measures by dropping traffic is a critical feature, especially for environments where preventing malicious activities is paramount.
send
light_mode
delete
Question #6
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?
- Ainline set
- Bpassive
- Crouted
- Dinline tapMost Voted
Correct Answer:
B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ interface_overview_for_firepower_threat_defense.html
B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/ interface_overview_for_firepower_threat_defense.html
send
light_mode
delete
Question #7
Which two deployment types support high availability? (Choose two.)
- AtransparentMost Voted
- BroutedMost Voted
- Cclustered
- Dintra-chassis multi-instance
- Evirtual appliance in public cloud
Correct Answer:
AB
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/ firepower_threat_defense_high_availability.html
AB
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/ firepower_threat_defense_high_availability.html
send
light_mode
delete
Question #8
Which protocol establishes network redundancy in a switched Firepower device deployment?
- ASTPMost Voted
- BHSRP
- CGLBP
- DVRRP
Correct Answer:
A
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/ firepower_threat_defense_high_availability.html
A
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/ firepower_threat_defense_high_availability.html
send
light_mode
delete
Question #9
Which interface type allows packets to be dropped?
- Apassive
- BinlineMost Voted
- CERSPAN
- DTAP
Correct Answer:
B
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower-threat-defense-int.html
B
Reference:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower-threat-defense-int.html
send
light_mode
delete
Question #10
Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
- ARedundant Interface
- BEtherChannel
- CSpeedMost Voted
- DMedia Type
- EDuplexMost Voted
Correct Answer:
CE
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-interfaces.html
CE
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-interfaces.html
send
light_mode
delete
All Pages