ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 308 discussion

Actual exam question from Cisco's 300-710
Question #: 308
Topic #: 1
[All 300-710 Questions]

Users report that Cisco Duo 2FA fails when they attempt to connect to the VPN on a Cisco Secure Firewall Threat Defense (FTD) device. IT staff have VPN profiles that do not require multifactor authentication and they can connect to the VPN without any issues. When viewing the VPN troubleshooting log in Cisco Secure Firewall Management Center (FMC), the network administrator sees an error that the Cisco Duo AAA server has been marked as failed. What is the root cause of the issue?

  • A. AD Trust certificates are missing from the Secure FTD device.
  • B. Multifactor authentication is not supported on Secure FMC managed devices.
  • C. The internal AD server is unreachable from the Secure FTD device.
  • D. Duo trust certificates are missing from the Secure FTD device.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Doris8000 at Aug. 3, 2024, 3:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tinyJoe
3 months, 3 weeks ago
Selected Answer: D
I'm not sure; it must be A or D, but I can't decide which. First, as for B and C, they can be completely ruled out from the following document https://duo.com/docs/cisco-firepower#network-diagram The rest are A or D, but I don't know what “Duo Trust Certificate” is at all. There is not a single Cisco document that uses the phrase. I am going to choose D, believing that this may refer to some concept.
upvoted 2 times
whysohardwhy
2 months ago
can't be A because users can connect without MFA, so the hint is that AD side has no problem
upvoted 1 times
...
...
Happy_Shepherd26
5 months, 2 weeks ago
Selected Answer: D
D
upvoted 1 times
...
Alex_morgan
7 months, 2 weeks ago
Selected Answer: D
D. Duo trust certificates are missing from the Secure FTD device. The issue described—where the Cisco Duo AAA server is marked as failed and 2FA (two-factor authentication) fails—typically happens when the trust certificates for Cisco Duo are missing or not properly installed on the Cisco Secure Firewall Threat Defense (FTD) device. Without the necessary certificates, the FTD device cannot securely communicate with the Duo servers, resulting in the failure of multifactor authentication.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago