Updated 300-710 SNCF Dumps (V23.02) – An Effective Preparation Method for Passing the CCNP Security 300-710 Exam

1. What is a result of enabling Cisco FTD clustering?

2. Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

3. On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

4. What are the minimum requirements to deploy a managed device inline?

5. What is the difference between inline and inline tap on Cisco Firepower?

6. With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

7. Which two deployment types support high availability? (Choose two.)

8. Which protocol establishes network redundancy in a switched Firepower device deployment?

9. Which interface type allows packets to be dropped?

10. Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

11. Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)

12. Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?

13. What are two application layer preprocessors? (Choose two.)

14. An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs

Each DMZ has a unique private IP subnet range.

How is this requirement satisfied?

15. An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently.

How must the devices be implemented in this environment?

16. When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network. It is currently configured to have more than one instance of the same device on the physical appliance.

Which deployment mode meets the needs of the organization?

17. An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment.

What must be done to resolve this issue?

18. A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire.

How should this be implemented?

19. Which two conditions must be met to enable high availability between two Cisco FTD devices? (Choose two.)

20. An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching.

Which action must be taken to meet these requirements?

21. Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN.

What must be configured to meet these requirements?

22. An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant.

Which IPS mode should be implemented to meet these requirements?

23. A network security engineer must replace a faulty Cisco FTD device in a high availability pair.

Which action must be taken while replacing the faulty unit?

24. An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD.

Which policy must be configured to accomplish this goal?

25. A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch.

Which firewall mode is the Cisco FTD set up to support?

26. An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices.

Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?

27. Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?

28. Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)

29. When creating a report template, how can the results be limited to show only the activity of a specific subnet?

30. What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?

31. Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

32. Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?

33. Which two actions can be used in an access control policy rule? (Choose two.)

34. Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)

35. Which object type supports object overrides?

36. Which Cisco Firepower rule action displays an HTTP warning page?

37. What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

38. Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

39. In which two places can thresholding settings be configured? (Choose two.)

40. In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

41. Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

42. A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it.

What is the reason for this issue?

43. An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects.

What is the reason for this failure?

44. An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown user traffic is being allowed through the firewall.

How should this be addressed to block the traffic while allowing legitimate user traffic?

45. A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic.

Which action accomplishes this task?

46. An engineer is using the configure manager add <FMC IP> Cisc402098527 command to add a new

Cisco FTD device to the Cisco FMC; however, the device is not being added.

Why Is this occurring?

47. An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces.

What must be configured to meet these requirements?

48. An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events filing the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time.

What configuration change must be made to alleviate this issue?

49. An organization does not want to use the default Cisco Firepower block page when blocking HTTP

traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs.

Which two steps must be taken to meet these requirements? (Choose two.)

50. A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated.

Which configuration addresses this concern?

51. A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown.

What is the cause of this issue?

52. What is the benefit of selecting the trace option for packet capture?

53. After deploying a network-monitoring tool to manage and monitor networking devices in your organization, you realize that you need to manually upload an MIB for the Cisco FMC.

In which folder should you upload the MIB file?

54. Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

55. Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

56. How many report templates does the Cisco Firepower Management Center support?

57. Which action should be taken after editing an object that is used inside an access control policy?

58. Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

59. Which report template field format is available in Cisco FMC?

60. Which group within Cisco does the Threat Response team use for threat analysis and research?

61. DRAG DROP

Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.

62. Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

63. Which command-line mode is supported from the Cisco Firepower Management Center CLI?

64. Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?

65. Which CLI command is used to control special handling of ClientHello messages?

66. Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high-availability?

67. Which command must be run to generate troubleshooting files on an FTD?

68. When do you need the file-size command option during troubleshooting with packet capture?

69. What is a functionality of port objects in Cisco FMC?

70. Within Cisco Firepower Management Center, where does a user add or modify widgets?

71. A network engineer is configuring URL Filtering on Firepower Threat Defense.

Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)

72. What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

73. Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?

74. Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

75. What is a behavior of a Cisco FMC database purge?

76. Which two packet captures does the FTD LINA engine support? (Choose two.)

77. Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)

78. Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

79. Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

80. What is a valid Cisco AMP file disposition?

81. In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

82. Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)

83. Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?

84. What is the maximum SHA level of filtering that Threat Intelligence Director supports?

85. Refer to the exhibit.

And engineer is analyzing the Attacks Risk Report and finds that there are over 300 instances of new operating systems being seen on the network.

How is the Firepower configuration updated to protect these new operating systems?

86. An engineer is implementing Cisco FTD in the network and is determining which Firepower mode to use. The organization needs to have multiple virtual Firepower devices working separately inside of the FTD appliance to provide traffic segmentation.

Which deployment mode should be configured in the Cisco Firepower Management Console to support these requirements?

87. A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet.

How is this accomplished on an FTD device in routed mode?

88. An engineer is configuring a second Cisco FMC as a standby device but is unable to register with the active unit.

What is causing this issue?

89. After using Firepower for some time and learning about how it interacts with the network, an administrator is trying to correlate malicious activity with a user.

Which widget should be configured to provide this visibility on the Cisco Firepower dashboards?

90. An engineer has been asked to show application usages automatically on a monthly basis and send the information to management.

What mechanism should be used to accomplish this task?

91. An engineer is setting up a new Firepower deployment and is looking at the default FMC policies to start the implementation During the initial trial phase, the organization wants to test some common Snort rules while still allowing the majority of network traffic to pass.

Which default policy should be used?

92. An engineer currently has a Cisco FTD device registered to the Cisco FMC and is assigned the address of 10 10.50.12. The organization is upgrading the addressing schemes and there is a requirement to convert the addresses to a format that provides an adequate amount of addresses on the network.

What should the engineer do to ensure that the new addressing takes effect and can be used for the Cisco FTD to Cisco FMC connection?

93. A security engineer is configuring an Access Control Policy for multiple branch locations These locations share a common rule set and utilize a network object called INSIDE_NET which contains the locally significant internal network subnets at each location.

What technique will retain the policy consistency at each location but allow only the locally significant network subnet within the applicable rules?

94. An engineer is troubleshooting application failures through a FTD deployment. While using the FMC CLI. it has been determined that the traffic in question is not matching the desired policy.

What should be done to correct this?

95. An administrator is attempting to remotely log into a switch in the data centre using SSH and is unable to connect.

How does the administrator confirm that traffic is reaching the firewall?

96. What is the advantage of having Cisco Firepower devices send events to Cisco Threat response via the security services exchange portal directly as opposed to using syslog?

97. An organization has noticed that malware was downloaded from a website that does not currently have a known bad reputation.

How will this issue be addresses globally in the quickest way possible and with the least amount of impact?

98. An administrator is working on a migration from Cisco ASA to the Cisco FTD appliance and needs to test the rules without disrupting the traffic.

Which policy type should be used to configure the ASA rules during this phase of the migration?

99. Which two routing options are valid with Cisco FTD? (Choose Two)

100. With Cisco FTD integrated routing and bridging, which interface does the bridge group use to communicate with a routed interface?