Designing Cisco Security Infrastructure

Here you have the best Cisco 300-745 practice exam questions

You have 61 total questions to study from
Each page has 5 questions, making a total of 13 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on December 16, 2025
This site is not affiliated with or endorsed by Cisco.

Question 1 of 61

A restaurant distribution center recently suffered a password spray attack targeting the Cisco Secure Firepower Threat Defense VPN headend. The attack attempts to gain unauthorized access by trying common passwords across many accounts. The attack poses a significant security threat to the organization’s remote access infrastructure. To enhance the security of VPN setup and minimize the risk of similar attacks in the future, the IT security team must implement effective mitigation measures. Which technique effectively reduces the risk of this type of attack?

Implement an access list to block addresses from the previous password spray attack.

Disable group aliases in the connection profiles.

Change the AAA authentication method from RADIUS to TACACS+.

Enable AAA authentication for the DefaultWEBVPN and DefaultRAGroup Connection Profiles.

Correct Answer: D

Question 2 of 61

A software development company uses multiple cloud providers to host the applications. The company is designing a scalable firewall solution that must meet the requirements:
Consistent security policies across multiple cloud environments.
Centralized visibility and management.
Scalability to accommodate different cloud platforms.
Which type of firewall meets the requirements?

traditional firewall

zone-based firewall

distributed firewall

host-based firewall

Correct Answer: C

Question 3 of 61

A video game company identified a potential threat of a SYN flood attack, which could disrupt the online gaming services and impact user experience. The attack can overwhelm network resources by exploiting the TCP handshake process, leading to server unavailability and degraded performance. To safeguard the company's infrastructure and ensure uninterrupted service, it is essential to enhance the security measures in place. The company must implement a solution that manages and mitigates the risk of such network-based attacks. Which security product must be implemented to mitigate similar risks?

Cisco Web Security Appliance

Cisco Umbrella

Cisco Secure Endpoint

Cisco Secure Firewall

Correct Answer: D

Question 4 of 61

A legal services company wants to prevent remote employees from accessing personal email and social media accounts while using corporate laptops. Which security solution enforces the policy?

Cisco TrustSec

RADIUS server

Cisco Umbrella

network monitoring tool

Correct Answer: C

Question 5 of 61

A developer company recently made a contract with new customer in the financial space. The customer has multiple remote sites and requires a VPN solution with the highest encryption. Which protocol must be used in IPsec Phase 2?

ESP

ISAKMP

SD-WAN

IKE

Correct Answer: A