ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 283 discussion

Actual exam question from Cisco's 300-710
Question #: 283
Topic #: 1
[All 300-710 Questions]

A company is deploying a Cisco Secure IPS device configured in inline mode with a single Interface set that contains four interface pairs. Which two configurations must be implemented to allow the IPS device to uniquely identify packet flows and prevent the reporting of duplicate traffic and false positives? (Choose two.)

  • A. Set the source SPAN ports to tx only on the switches connected to the IPS interfaces
  • B. Modify the security zones used by the Cisco Secure IPS device
  • C. Change the MTU for the inline set to at least 1518
  • D. Reconfigure access rules to drop all but the first occurrence of the packet
  • E. Reassign the interface pairs to separate inline sets
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by aaInman at Dec. 28, 2023, 1:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Stevens0103
Highly Voted 9 months, 3 weeks ago
Selected Answer: BE
"If you assign multiple interface pairs to a single inline interface set but you experience issues with duplicate traffic, reconfigure to help the system uniquely identify packets.For example, you could reassign your interface pairs to separate inline sets or modify your security zones." https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/ips_device_deployments_and_configuration.pdf
upvoted 6 times
...
jsomers
Most Recent 10 months, 3 weeks ago
I second to that. Since we are talking about inline deployment here, the SPAN logic should not apply. It should be B and E.
upvoted 2 times
...
aaInman
11 months, 2 weeks ago
I don't think "A" is correct. "B" and "E" are mentioned over and over again in the documentation, but only as choosing one or the other, not combined like the question asks for.
upvoted 1 times
aaInman
11 months, 2 weeks ago
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/ips_device_deployments_and_configuration.pdf
upvoted 1 times
...
Bubu3k
11 months ago
B&E would be my choice as well, but not sure
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel