Leading Securing Networks With Cisco Firepower (SNCF) 300-710 Exam

NEW QUESTION 1
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?

• A. rate-limiting
• B. suspending
• C. correlation
• D. thresholding

Answer: D

NEW QUESTION 2
What are the minimum requirements to deploy a managed device inline?

• A. inline interfaces, security zones, MTU, and mode
• B. passive interface, MTU, and mode
• C. inline interfaces, MTU, and mode
• D. passive interface, security zone, MTU, and mode

Answer: C

NEW QUESTION 3
DRAG DROP
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

NEW QUESTION 4
Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?

• A. FlexConfig
• B. BDI
• C. SGT
• D. IRB

Answer: D

NEW QUESTION 5
Which command-line mode is supported from the Cisco Firepower Management Center CLI?

• A. privileged
• B. user
• C. configuration
• D. admin

Answer: C

NEW QUESTION 6
Which two deployment types support high availability? (Choose two.)

• A. transparent
• B. routed
• C. clustered
• D. intra-chassis multi-instance
• E. virtual appliance in public cloud

Answer: AB

NEW QUESTION 7
Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

• A. dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols.
• B. reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists
• C. network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country
• D. network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country
• E. reputation-based objects, such as URL categories

Answer: BC

NEW QUESTION 8
With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

• A. inline set
• B. passive
• C. routed
• D. inline tap

Answer: B

NEW QUESTION 9
When do you need the file-size command option during troubleshooting with packet capture?

• A. when capture packets are less than 16 MB
• B. when capture packets are restricted from the secondary memory
• C. when capture packets exceed 10 GB
• D. when capture packets exceed 32 MB

Answer: D

NEW QUESTION 10
Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?

• A. system generate-troubleshoot
• B. show configuration session
• C. show managers
• D. show running-config | include manager

Answer: C

NEW QUESTION 11
Which group within Cisco does the Threat Response team use for threat analysis and research?

• A. Cisco Deep Analytics
• B. OpenDNS Group
• C. Cisco Network Response
• D. Cisco Talos

Answer: D

NEW QUESTION 12
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

• A. The BVI IP address must be in a separate subnet from the connected network.
• B. Bridge groups are supported in both transparent and routed firewall modes.
• C. Bridge groups are supported only in transparent firewall mode.
• D. Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.
• E. Each directly connected network must be on the same subnet.

Answer: CD

NEW QUESTION 13
Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?

• A. Child domains can view but not edit dashboards that originate from an ancestor domain.
• B. Child domains have access to only a limited set of widgets from ancestor domains.
• C. Only the administrator of the top ancestor domain can view dashboards.
• D. Child domains cannot view dashboards that originate from an ancestor domain.

Answer: D

NEW QUESTION 14
What is a valid Cisco AMP file disposition?

• A. non-malicious
• B. malware
• C. known-good
• D. pristine

Answer: B

NEW QUESTION 15
When creating a report template, how can the results be limited to show only the activity of a specific subnet?

• A. Create a custom search in Firepower Management Center and select it in each section of the report.
• B. Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.
• C. Add a Table View section to the report with the Search field defined as the network in CIDR format.
• D. Select IP Address as the X-Axis in each section of the report.

Answer: B

NEW QUESTION 16
A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)

• A. outbound port TCP/443
• B. inbound port TCP/80
• C. outbound port TCP/8080
• D. inbound port TCP/443
• E. outbound port TCP/80

Answer: AE

NEW QUESTION 17
Which protocol establishes network redundancy in a switched Firepower device deployment?

• A. STP
• B. HSRP
• C. GLBP
• D. VRRP

Answer: A

NEW QUESTION 18
Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

• A. Windows domain controller
• B. audit
• C. triage
• D. protection

Answer: B

NEW QUESTION 19
Which action should be taken after editing an object that is used inside an access control policy?

• A. Delete the existing object in use.
• B. Refresh the Cisco FMC GUI for the access control policy.
• C. Redeploy the updated configuration.
• D. Create another rule using a different object name.

Answer: C

NEW QUESTION 20
Which Cisco Firepower rule action displays an HTTP warning page?

• A. Monitor
• B. Block
• C. Interactive Block
• D. Allow with Warning

Answer: C

NEW QUESTION 21
......