Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Cisco
  3. CCNP Security
  4. 300-710
  5. Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Pass the Cisco CCNP Security 300-710 Questions and answers with ValidTests

Exam 300-710 All Questions
Exam 300-710 Premium Access

View all detail and faqs for the 300-710 exam

Go to Exam
Viewing page 7 out of 12 pages
Viewing questions 61-70 out of questions
Questions # 61:

An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces. What must be configured to meet these requirements?

Options:

A.

interface-based VLAN switching

B.

inter-chassis clustering VLAN

C.

integrated routing and bridging

D.

Cisco ISE Security Group Tag

Expert Solution
Questions # 62:

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

Options:

A.

The NAT ID is required since the Cisco FMC is behind a NAT device.

B.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

C.

DONOTRESOLVE must be added to the command

D.

The registration key is missing from the command

Expert Solution
Questions # 63:

Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

Options:

A.

FlexConfig

B.

BDI

C.

SGT

D.

IRB

Expert Solution
Questions # 64:

When creating a report template, how can the results be limited to show only the activity of a specific subnet?

Options:

A.

Create a custom search in Firepower Management Center and select it in each section of the report.

B.

Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.

C.

Add a Table View section to the report with the Search field defined as the network in CIDR format.

D.

Select IP Address as the X-Axis in each section of the report.

Expert Solution
Questions # 65:

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

Options:

A.

Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis.

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.

Expert Solution
Questions # 66:

Which object type supports object overrides?

Options:

A.

time range

B.

security group tag

C.

network object

D.

DNS server group

Expert Solution
Questions # 67:

In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?

Options:

A.

unavailable

B.

unknown

C.

clean

D.

disconnected

Expert Solution
Questions # 68:

What is a valid Cisco AMP file disposition?

Options:

A.

non-malicious

B.

malware

C.

known-good

D.

pristine

Expert Solution
Questions # 69:

Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?

Options:

A.

Add the malicious file to the block list.

B.

Send a snapshot to Cisco for technical support.

C.

Forward the result of the investigation to an external threat-analysis engine.

D.

Wait for Cisco Threat Response to automatically block the malware.

Expert Solution
Questions # 70:

What is the maximum SHA level of filtering that Threat Intelligence Director supports?

Options:

A.

SHA-1024

B.

SHA-4096

C.

SHA-512

D.

SHA-256

Expert Solution
Viewing page 7 out of 12 pages
Viewing questions 61-70 out of questions