New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CCNP Security 300-710 Full Course Free

Page: 10 / 18
Question 40

An engineer is troubleshooting a device that cannot connect to a web server. The connection is initiated from the Cisco FTD inside interface and attempting to reach 10.0.1.100 over the non-standard port of 9443 The host the engineer is attempting the connection from is at the IP address of 10.20.10.20. In order to determine what is happening to the packets on the network, the engineer decides to use the FTD packet capture tool Which capture configuration should be used to gather the information needed to troubleshoot this issue?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 41

What is the role of the casebook feature in Cisco Threat Response?

Options:

A.

sharing threat analysts

B.

pulling data via the browser extension

C.

triage automaton with alerting

D.

alert prioritization

Question 42

An engineer needs to configure remote storage on Cisco FMC. Configuration backups must be available from a secure location on the network for disaster recovery. Reports need to back up to a shared location that auditors can access with their Active Directory logins. Which strategy must the engineer use to meet these objectives?

Options:

A.

Use SMB for backups and NFS for reports.

B.

Use NFS for both backups and reports.

C.

Use SMB for both backups and reports.

D.

Use SSH for backups and NFS for reports.

Question 43

A network administrator configured a NAT policy that translates a public IP address to an internal web server IP address. An access policy has also been created that allows any source to reach the public IP address on port 80. The web server is still not reachable from the Internet on port 80. Which configuration change is needed?

Options:

A.

The intrusion policy must be disabled for port 80.

B.

The access policy rule must be configured for the action trust.

C.

The NAT policy must be modified to translate the source IP address as well as destination IP address.

D.

The access policy must allow traffic to the internal web server IP address.

Page: 10 / 18
Exam Code: 300-710
Exam Name: Securing Networks with Cisco Firepower (300-710 SNCF)
Last Update: Dec 23, 2024
Questions: 325
300-710 pdf

300-710 PDF

$28.5  $94.99
300-710 Engine

300-710 Testing Engine

$33  $109.99
300-710 PDF + Engine

300-710 PDF + Testing Engine

$43.5  $144.99