ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 257 discussion

Actual exam question from Cisco's 300-710
Question #: 257
Topic #: 1
[All 300-710 Questions]

An engineer must investigate a connectivity issue from an endpoint behind a Cisco FTD device and a public DNS server. The endpoint cannot perform name resolution queries. Which action must the engineer perform to troubleshoot the issue by simulating real DNS traffic on the Cisco FTD while verifying the Snort verdict?

  • A. Use the Capture w/Trace wizard in Cisco FMC.
  • B. Run the system support firewall-engine-debug command from the FTD CLI.
  • C. Create a Custom Workflow in Cisco FMC.
  • D. Perform a Snort engine capture using tcpdump from the FTD CLI.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by c946f3e at Sept. 14, 2023, 10 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Joninjimbo
Highly Voted 1 year, 6 months ago
Selected Answer: A
I would also say A. The requirements are "troubleshoot the issue by simulating real DNS traffic" .. this would indicate using optiong A which includes a Trace to simulate the traffic flow.
upvoted 5 times
aaInman
1 year, 2 months ago
A - is 100% correct.
upvoted 3 times
...
...
d0980cc
Most Recent 3 weeks, 4 days ago
Selected Answer: B
I think the answer is B, because the question specifically ask, "on the Cisco FTD while verifying the Snort verdict". https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212321-clarify-the-firepower-threat-defense-acc.html#:~:text=Allows%20to%20run%20system%20support%20firewall%2Dengine%2Ddebug%20at%20the%20same%20time%20to%20see%20what%20happens%20within%20the%20Snort%20engine%20itself
upvoted 1 times
...
Happy_Shepherd26
5 months, 4 weeks ago
Selected Answer: B
It says "simulating" so definitely not A
upvoted 2 times
...
eafea4f
9 months, 3 weeks ago
Selected Answer: A
TCPdump doesn't simulate packets.
upvoted 1 times
...
c946f3e
1 year, 7 months ago
A: See reference https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html
upvoted 1 times
...
c946f3e
1 year, 7 months ago
A To trace a real packet is very useful to troubleshoot connectivity issues. It allows you to see all the internal checks that a packet goes through. Add the trace detail keywords and specify the number of packets that you want to be traced. By default, the FTD traces the first 50 ingress packets. In this case, enable capture with trace detail for the first 100 packets that FTD receives on the INSIDE interface: > capture CAPI2 interface INSIDE trace detail trace-count 100 match icmp host 192.168.103.1 host 192.168.101.1
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago