Pass 300-710 SNCF in Just 3 Days – Stress-Free!
Get your 300-710 Securing Networks with Cisco Firepower certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
Question 11
Which two dynamic routing protocols are supported in Cisco FTD without using FlexConfig? (Choose two.)
- A. EIGRP
- B. OSPF
- C. Static routing
- D. IS-IS
- E. BGP
Correct Answer: B, E
Question 12
Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?
- A. A default DMZ policy for which only a user can change the IP addresses.
- B. Deny IP any.
- C. No policy rule is included.
- D. Permit IP any.
Correct Answer: C
Question 13
What are two application layer preprocessors? (Choose two.)
- A. CIFS
- B. IMAP
- C. SSL
- D. DNP3
- E. ICMP
Correct Answer: B, C
Question 14
An engineer is implementing Cisco FTD in the network and is determining which Firepower mode to use. The organization needs to have multiple virtual Firepower devices working separately inside of the FTD appliance to provide traffic segmentation. Which deployment mode should be configured in the Cisco Firepower Management Console to support these requirements?
- A. Multi-instance
- B. Multiple deployment
- C. Single deployment
- D. Single-context
Correct Answer: A
Question 15
A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet. How is this accomplished on an FTD device in routed mode?
- A. By assigning an inline set interface.
- B. By using a BVI and creating a BVI IP address in the same subnet as the user segment.
- C. By leveraging the ARP to direct traffic through the firewall.
- D. By bypassing protocol inspection by leveraging pre-filter rules.
Correct Answer: B
Question 16
An engineer is configuring a Cisco FTD appliance in IPS-only mode and needs to utilize fail-to-wire interfaces. Which interface mode should be used to meet these requirements?
- A. Passive
- B. Routed
- C. Transparent
- D. Inline set
Correct Answer: D
Question 17
An organization has noticed that malware was downloaded from a website that does not currently have a known bad reputation. How will this issue be addressed globally in the quickest way possible and with the least amount of impact?
- A. By creating a URL object in the policy to block the website.
- B. Cisco Talos will automatically update the policies.
- C. By denying outbound web access.
- D. By isolating the endpoint.
Correct Answer: B
Question 18
The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events. Which action should be configured to accomplish this task?
- A. Drop packet
- B. Generate events
- C. Drop connection
- D. Drop and generate
Correct Answer: D
Question 19
With Cisco FTD integrated routing and bridging, which interface does the bridge group use to communicate with a routed interface?
- A. Subinterface
- B. Switch virtual
- C. Bridge virtual
- D. Bridge group member
Correct Answer: C
Question 20
An engineer is setting up a new Firepower deployment and is looking at the default FMC policies to start the implementation. During the initial trial phase, the organization wants to test some common Snort rules while still allowing the majority of network traffic to pass. Which default policy should be used?
- A. Balanced Security and Connectivity
- B. Security Over Connectivity
- C. Maximum Detection
- D. Connectivity Over Security
Correct Answer: D