Practice Exams:

Free 300-710 Exam Braindumps

Pass your Securing Networks with Cisco Firepower (SNCF) exam with these free Questions and Answers

Page 8 of 52
PDF with 260 Questions
QUESTION 31

- (Exam Topic 5)
Which Cisco FMC report gives the analyst information about the ports and protocols that are related to the configured sensitive network for analysis?

  1. A. Malware Report
  2. B. Host Report
  3. C. Firepower Report
  4. D. Network Report

Correct Answer: D

QUESTION 32

- (Exam Topic 1)
An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?

  1. A. Deploy the firewall in transparent mode with access control policies.
  2. B. Deploy the firewall in routed mode with access control policies.
  3. C. Deploy the firewall in routed mode with NAT configured.
  4. D. Deploy the firewall in transparent mode with NAT configured.

Correct Answer: C
Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/general/asa-96-general-config/intro-fw.

QUESTION 33

- (Exam Topic 2)
In which two places can thresholding settings be configured? (Choose two.)

  1. A. on each IPS rule
  2. B. globally, within the network analysis policy
  3. C. globally, per intrusion policy
  4. D. on each access control rule
  5. E. per preprocessor, within the network analysis policy

Correct Answer: AC
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa- firepower-module-user-guide-v541/Intrusion-Global-Threshold.pdf

QUESTION 34

- (Exam Topic 4)
What is a valid Cisco AMP file disposition?

  1. A. non-malicious
  2. B. malware
  3. C. known-good
  4. D. pristine

Correct Answer: B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide- v60/Reference_a_wrapper_Chapter_topic_here.html

QUESTION 35

- (Exam Topic 5)
An engineer wants to change an existing transparent Cisco FTD to routed mode.
The device controls traffic between two network segments. Which action is mandatory to allow hosts to reestablish communication between these two segments after the change?

  1. A. remove the existing dynamic routing protocol settings.
  2. B. configure multiple BVIs to route between segments.
  3. C. assign unique VLAN IDs to each firewall interface.
  4. D. implement non-overlapping IP subnets on each segment.

Correct Answer: D

Page 8 of 52
PDF with 260 Questions

Post your Comments and Discuss Cisco 300-710 exam with other Community members: