cisco 300-710 online test

Securing Networks with Cisco Firepower (SNCF)

What students need to know about the 300-710 exam

  • Total 156 Questions & Answers

Question 1 Topic 1

Topic 1
What is a result of enabling Cisco FTD clustering?

  • A. For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.
  • B. Integrated Routing and Bridging is supported on the master unit.
  • C. Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.
  • D. All Firepower appliances support Cisco FTD clustering.
Answer:

C

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-
v64/clustering_for_the_firepower_threat_defense.html

Discussions

Question 2 Topic 1

Topic 1
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)

  • A. The units must be the same version
  • B. Both devices can be part of a different group that must be in the same domain when configured within the FMC.
  • C. The units must be different models if they are part of the same series.
  • D. The units must be configured only for firewall routed mode.
  • E. The units must be the same model.
Answer:

A E

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-
availability-on-firep.html

Discussions

Question 3 Topic 1

Topic 1
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?

  • A. transparent inline mode
  • B. TAP mode
  • C. strict TCP enforcement
  • D. propagate link state
Answer:

D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-
v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html

Discussions

Question 4 Topic 1

Topic 1
What are the minimum requirements to deploy a managed device inline?

  • A. inline interfaces, security zones, MTU, and mode
  • B. passive interface, MTU, and mode
  • C. inline interfaces, MTU, and mode
  • D. passive interface, security zone, MTU, and mode
Answer:

C

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-
v65/ips_device_deployments_and_configuration.html

Discussions

Question 5 Topic 1

Topic 1
What is the difference between inline and inline tap on Cisco Firepower?

  • A. Inline tap mode can send a copy of the traffic to another device.
  • B. Inline tap mode does full packet capture.
  • C. Inline mode cannot do SSL decryption.
  • D. Inline mode can drop malicious traffic.
Answer:

D

Discussions

Question 6 Topic 1

Topic 1
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the
appliance?

  • A. inline set
  • B. passive
  • C. routed
  • D. inline tap
Answer:

B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-
v64/interface_overview_for_firepower_threat_defense.html

Discussions

Question 7 Topic 1

Topic 1
Which two deployment types support high availability? (Choose two.)

  • A. transparent
  • B. routed
  • C. clustered
  • D. intra-chassis multi-instance
  • E. virtual appliance in public cloud
Answer:

A B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-
v61/firepower_threat_defense_high_availability.html

Discussions

Question 8 Topic 1

Topic 1
Which protocol establishes network redundancy in a switched Firepower device deployment?

  • A. STP
  • B. HSRP
  • C. GLBP
  • D. VRRP
Answer:

A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-
v62/firepower_threat_defense_high_availability.html

Discussions

Question 9 Topic 1

Topic 1
Which interface type allows packets to be dropped?

  • A. passive
  • B. inline
  • C. ERSPAN
  • D. TAP
Answer:

B

Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuring-firepower-threat-
defense-int.html

Discussions

Question 10 Topic 1

Topic 1
Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface?
(Choose two.)

  • A. Redundant Interface
  • B. EtherChannel
  • C. Speed
  • D. Media Type
  • E. Duplex
Answer:

C E

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-
interfaces.html

Discussions
To page 2