ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 335 discussion

Actual exam question from Cisco's 300-710
Question #: 335
Topic #: 1
[All 300-710 Questions]



Refer to the exhibit. An engineer is configuring access control rules on a Cisco Secure Firewall Threat Defense device. The access control rules must include a file policy with rules that will trigger when MSEXE files are accessed. Which two actions must be configured in the access rule? (Choose two.)

  • A. block files with reset
  • B. interactive block
  • C. monitor
  • D. allow
  • E. trust
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by tinyJoe at Jan. 18, 2025, 12:50 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jcjcjcjcjc
2 months, 1 week ago
Selected Answer: BC
You can associate a single file policy with an access control rule whose action is Allow, Interactive Block, or Interactive Block with reset.
upvoted 1 times
jcjcjcjcjc
2 months, 1 week ago
Meant BD
upvoted 1 times
...
...
tinyJoe
3 months, 2 weeks ago
Selected Answer: BD
Definitely not AC. The answer is BD. I have verified in my lab that if you set the ACP action to A/C/E, the File Policy (and Intrusion Policy) is automatically set to "None" and cannot be changed. File Policy can only be set when ACP actions are B and D.
upvoted 3 times
Silexis
3 months ago
According to this doc it seems it could: "Access Control Rule Monitor Action The Monitor action is not designed to permit or deny traffic. Rather, its primary purpose is to force connection logging, regardless of how matching traffic is eventually handled. If a connection matches a Monitor rule, the next non-Monitor rule that the connection matches should determine traffic handling and any further inspection. If there are no additional matching rules, the system should use the default action. " https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/access_control_rules.html#ID-2190-0000023b And from the link above, I will go with C and D actually, in the ACP
upvoted 1 times
Andy0724
2 months, 1 week ago
i will go for C and D as well.
upvoted 1 times
...
...
Silexis
3 months ago
You have most probably got that result because you were putting the Block statement, before the File/Intrusion Policies so there was no any other possible action on the flow to be made because it became discarded
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago