Summer Certification Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the Cisco CCNP Security 300-710 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam

737 Students Passed

85% Average Score

91% Same Questions
Viewing page 8 out of 12 pages
Viewing questions 71-80 out of questions
Questions # 71:

Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

Options:

A.

BGPv6

B.

ECMP with up to three equal cost paths across multiple interfaces

C.

ECMP with up to three equal cost paths across a single interface

D.

BGPv4 in transparent firewall mode

E.

BGPv4 with nonstop forwarding

Questions # 72:

When creating a report template, how can the results be limited to show only the activity of a specific subnet?

Options:

A.

Create a custom search in Firepower Management Center and select it in each section of the report.

B.

Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.

C.

Add a Table View section to the report with the Search field defined as the network in CIDR format.

D.

Select IP Address as the X-Axis in each section of the report.

Questions # 73:

An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)

Options:

A.

Modify the system-provided block page result using Python.

B.

Create HTML code with the information for the policies and procedures.

C.

Edit the HTTP request handling in the access control policy to customized block.

D.

Write CSS code with the information for the policies and procedures.

E.

Change the HTTP response in the access control policy to custom.

Questions # 74:

A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

Options:

A.

A manual NAT exemption rule does not exist at the top of the NAT table.

B.

An external NAT IP address is not configured.

C.

An external NAT IP address is configured to match the wrong interface.

D.

An object NAT exemption rule does not exist at the top of the NAT table.

Questions # 75:

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

Options:

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Questions # 76:

An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configurationchange must be made to alleviate this issue?

Options:

A.

Leave default networks.

B.

Change the method to TCP/SYN.

C.

Increase the number of entries on the NAT device.

D.

Exclude load balancers and NAT devices.

Questions # 77:

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

Options:

A.

Traffic inspection can be interrupted temporarily when configuration changes are deployed.

B.

The system performs intrusion inspection followed by file inspection.

C.

They can block traffic based on Security Intelligence data.

D.

File policies use an associated variable set to perform intrusion prevention.

E.

The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

Questions # 78:

What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

Options:

A.

VPN connections can be re-established only if the failed master unit recovers.

B.

Smart License is required to maintain VPN connections simultaneously across all cluster units.

C.

VPN connections must be re-established when a new master unit is elected.

D.

Only established VPN connections are maintained when a new master unit is elected.

Questions # 79:

Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

Options:

A.

configure manager local 10.0.0.10 Cisco123

B.

configure manager add Cisco123 10.0.0.10

C.

configure manager local Cisco123 10.0.0.10

D.

configure manager add 10.0.0.10 Cisco123

Questions # 80:

Which two actions can be used in an access control policy rule? (Choose two.)

Options:

A.

Block with Reset

B.

Monitor

C.

Analyze

D.

Discover

E.

Block ALL

Viewing page 8 out of 12 pages
Viewing questions 71-80 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA