Summer Certification Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
Cisco
CCNP Security
300-710
Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Pass the Cisco CCNP Security 300-710 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam

737 Students Passed

85% Average Score

91% Same Questions

Viewing page 9 out of 12 pages

Viewing questions 81-90 out of questions

Questions # 81:

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

Options:

The NAT ID is required since the Cisco FMC is behind a NAT device.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

DONOTRESOLVE must be added to the command

The registration key is missing from the command

Answer

Questions # 82:

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?

Options:

The interfaces are being used for NAT for multiple networks.

The administrator is adding interfaces of multiple types.

The administrator is adding an interface that is in multiple zones.

The interfaces belong to multiple interface groups.

Answer

Explanation

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide- v62/reusable_objects.html#ID-2243-000009b4

"All interfaces in an interface object must be of the same type: all inline, passive, switched, routed, or ASA FirePOWER. After you create an interface object, you cannot change the type of interfaces it contains."

Questions # 83:

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

Options:

The rate-limiting rule is disabled.

Matching traffic is not rate limited.

The system rate-limits all traffic.

The system repeatedly generates warnings.

Answer

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/quality_of_service_qos.pdf, ]

Questions # 84:

Which object type supports object overrides?

Options:

time range

security group tag

network object

DNS server group

Answer

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053, ]

Questions # 85:

Which Cisco Firepower rule action displays an HTTP warning page?

Options:

Monitor

Block

Interactive Block

Allow with Warning

Answer

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System- UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698, ]

Questions # 86:

An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces. What must be configured to meet these requirements?

Options:

interface-based VLAN switching

inter-chassis clustering VLAN

integrated routing and bridging

Cisco ISE Security Group Tag

Answer

Questions # 87:

Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choosetwo.)

Options:

OSPFv2 with IPv6 capabilities

virtual links

SHA authentication to OSPF packets

area boundary router type 1 LSA filtering

MD5 authentication to OSPF packets

Answer

B, E

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/ospf_for_firepower_threat_defense.html, ]

Questions # 88:

In which two places can thresholding settings be configured? (Choose two.)

Options:

on each IPS rule

globally, within the network analysis policy

globally, per intrusion policy

on each access control rule

per preprocessor, within the network analysis policy

Answer

A, C

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa- firepower-module-user-guide-v541/Intrusion-Global-Threshold.pdf, ]

Questions # 89:

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

Options:

dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.

reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

reputation-based objects, such as URL categories

Answer

B, C

Explanation

[Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/reusable_objects.html#ID-2243-00000414, , ]

Questions # 90:

An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown user traffic is being allowed through the firewall. How should this be addressed to block the traffic while allowing legitimate user traffic?

Options:

Modify the Cisco ISE authorization policy to deny this access to the user.

Modify Cisco ISE to send only legitimate usernames to the Cisco FTD.

Add the unknown user in the Access Control Policy in Cisco FTD.

Add the unknown user in the Malware & File Policy in Cisco FTD.

Answer

Explanation

[Reference:https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-identity.html#concept_655B055575E04CA49B10186DEBDA301A, , , ]

Viewing page 9 out of 12 pages

Viewing questions 81-90 out of questions