Cisco Updated 300-710 Exam Questions and Answers by preston

A correlation policy is a feature that allows you to respond in real time to threats or specific conditions on your network, using correlation rules. A correlation rule can trigger when the system generates a specific type of event, or when your network traffic deviates from its normal profile1. When a correlation rule triggers, the system generates a correlation event and can also launch a response, such as sending an alert, blocking an IP address, or scanning a host1.

In this case, the security engineer can configure a correlation rule that triggers when the system detects five or more connections from external sources within 2 minutes. The engineer can also configure a response that sends an alert to the FMC or an email recipient when this condition is triggered. The engineer can then create a correlation policy that includes this rule and activate it on the FTD device1.

The other options are incorrect because:

An application detector is a feature that allows you to detect web applications, clients, and application protocols based on patterns in network traffic. An application detector does not generate alerts based on the number of connections from external sources2.

An access control policy is a feature that allows you to control traffic flow through your network and inspect traffic for intrusions, malware, and files. An access control policy does not generate alerts based on the number of connections from external sources3.

An intrusion policy is a feature that allows you to detect and prevent malicious network activity using Snort rules. An intrusion policy does not generate alerts based on the number of connections from external sources4.

To add a Cisco Secure Firewall Threat Defense (FTD) device to Cisco Secure Firewall Management Center (FMC), the correct command to use isconfigure manager add 192.168.75.201 . This command registers the FTD device with the FMC using the FMC's IP address and the registration key provided during the FMC setup.

Command structure:

configure manager add

For the given scenario:

FMC IP address: 192.168.75.201

Registration key: provided during FMC setup

Thus, the correct command is:

configure manager add 192.168.75.201

To connect to a Secure Endpoint private cloud instance from Cisco Secure Firewall Management Center (FMC), the network engineer requires the SSL certificate for the Secure Endpoint private cloud instance. This SSL certificate is necessary to establish a secure, trusted connection between the FMC and the private cloud instance.

Steps:

Obtain the SSL certificate from the server administrator.

Import the SSL certificate into the FMC.

Configure the connection to the Secure Endpoint private cloud instance using the provided hostname and SSL certificate.

This ensures a secure and authenticated connection to the private cloud instance.