Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-710 - Securing Networks with Cisco Firepower (300-710 SNCF)

300-710 Exam Dumps - Securing Networks with Cisco Firepower (300-710 SNCF)

Go to page:
Question # 17

An administrator is configuring their transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port, but the Cisco FTD is not processing the traffic. What is the problem?

A.

The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.

B.

The switches were not set up with a monitor session ID that matches the flow ID defined on the Cisco

FTD.

C.

The Cisco FTD must be in routed mode to process ERSPAN traffic.

D.

The Cisco FTD must be configured with an ERSPAN port not a passive port.

Full Access
Question # 18

There is an increased amount of traffic on the network and for compliance reasons, management needs visibility into the encrypted traffic What is a result of enabling TLS'SSL decryption to allow this visibility?

A.

It prompts the need for a corporate managed certificate

B.

It has minimal performance impact

C.

It is not subject to any Privacy regulations

D.

It will fail if certificate pinning is not enforced

Full Access
Question # 19

An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently. How must the devices be implemented in this environment?

A.

in active/active mode

B.

in a cluster span EtherChannel

C.

in active/passive mode

D.

in cluster interface mode

Full Access
Question # 20

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

A.

Redundant Interface

B.

EtherChannel

C.

Speed

D.

Media Type

E.

Duplex

Full Access
Question # 21

What are two application layer preprocessors? (Choose two.)

A.

CIFS

B.

IMAP

C.

SSL

D.

DNP3

E.

ICMP

Full Access
Question # 22

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

A.

Configure an IPS policy and enable per-rule logging.

B.

Disable the default IPS policy and enable global logging.

C.

Configure an IPS policy and enable global logging.

D.

Disable the default IPS policy and enable per-rule logging.

Full Access
Question # 23

Which interface type allows packets to be dropped?

A.

passive

B.

inline

C.

ERSPAN

D.

TAP

Full Access
Question # 24

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A.

Shut down the Cisco FMC before powering up the replacement unit.

B.

Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.

C.

Unregister the faulty Cisco FTD device from the Cisco FMC

D.

Shut down the active Cisco FTD device before powering up the replacement unit.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps