ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 346 discussion

Actual exam question from Cisco's 300-710
Question #: 346
Topic #: 1
[All 300-710 Questions]

An engineer must deploy a Cisco Secure Firewall Threat Defense instance. The company wants the Secure Firewall Threat Defense deployment to allow business traffic in the event of any type of failure, and there must be no connectivity issues caused by the IPS in the perimeter of its data center. Which implementation mode must the engineer use?

  • A. hardware bypass
  • B. Snort fail open
  • C. inline set
  • D. passive
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by whysohardwhy at Feb. 18, 2025, 1:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Andy0724
1 month, 2 weeks ago
Selected Answer: D
Passive mode, because in passive mode FTD will not sit physically inserted into the path. Copy of traffic will be sent to IPS with the help of SPAN/RSPAN/ERSPAN technology. So, we can avoid both hardware failure and Snort engine failure as well.
upvoted 2 times
...
whysohardwhy
1 month, 4 weeks ago
Selected Answer: A
I feel the "any type of failure" is the hint. if it's just software - sure that's B. This one feels like it's talking about even hardware failure.
upvoted 1 times
...
whysohardwhy
1 month, 4 weeks ago
Selected Answer: A
For certain interface modules on the Firepower 9300, 4100, and 2100 series (see Requirements and Prerequisites for Inline Sets), you can enable the Hardware Bypass feature. Hardware Bypass ensures that traffic continues to flow between an inline interface pair during a power outage. This feature can be used to maintain network connectivity in the case of software or hardware failures.
upvoted 2 times
d0980cc
1 week, 4 days ago
Of the options given, "A" is the best choice. Even if a Layer 1 issue occurs traffic would continue to flow, with some interruption. If a Layer 1 occurs in any of the other options, traffice would cease. https://www.cisco.com/c/en/us/td/docs/security/firepower/4100/hw/guide/b_install_guide_4100/overview.html#:~:text=When%20the%20appliance%20switches%20from%20normal%20operation%20to%20hardware%20bypass%20or%20from%20hardware%20bypass%20back%20to%20normal%20operation%2C%20traffic%20may%20be%20interrupted%20for%20several%20seconds.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago