Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

300-710 Exam Dumps - Cisco CCNP Security Questions and Answers

Question # 74

What must be implemented on Cisco Firepower to allow multiple logical devices on a single physical device to have access to external hosts?

Options:

A.

Add at least two container instances from the same module.

B.

Set up a cluster control link between all logical devices

C.

Add one shared management interface on all logical devices.

D.

Define VLAN subinterfaces for each logical device.

Buy Now
Question # 75

In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)

Options:

A.

Traffic inspection can be interrupted temporarily when configuration changes are deployed.

B.

The system performs intrusion inspection followed by file inspection.

C.

They can block traffic based on Security Intelligence data.

D.

File policies use an associated variable set to perform intrusion prevention.

E.

The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.

Buy Now
Question # 76

Which two actions can be used in an access control policy rule? (Choose two.)

Options:

A.

Block with Reset

B.

Monitor

C.

Analyze

D.

Discover

E.

Block ALL

Buy Now
Question # 77

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?

Options:

A.

Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis.

B.

Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.

C.

Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis.

D.

Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.

Buy Now
Question # 78

A consultant Is working on a project where the customer is upgrading from a single Cisco Firepower 2130 managed by FDM to a pair of Cisco Firepower 2130s managed oy FMC tor nigh availability. The customer wants the configures of the existing device being managed by FDM to be carried over to FMC and then replicated to the additional: device being added to create the high availability pair. Which action must the consultant take to meet this requirement?

Options:

A.

The current FDM configuration must be configured by hand into FMC before the devices are registered.

B.

The current FDM configuration will be converted automatically into FMC when the device registers.

C.

The current FDM configuration must be migrated to FMC using the Secure Firewall Migration Tool.

D.

The FTD configuration must be converted to ASA command format, which can then be migrated to FMC.

Buy Now
Question # 79

Which report template field format is available in Cisco FMC?

Options:

A.

box lever chart

B.

arrow chart

C.

bar chart

D.

benchmark chart

Buy Now
Question # 80

Users report that Cisco Duo 2FA fails when they attempt to connect to the VPN on a Cisco Secure Firewall Threat Defense (FTD) device IT staff have VPN profiles that do not require multifactor authentication and they can connect to the VPN without any issues When viewing the VPN troubleshooting log in Cisco Secure Firewall Management Centre (FMC), the network administrator sees an error in the Cisco Duo AAA server has been marked as tailed. What is the root cause of the Issue?

Options:

A.

Multifactor authentication Is not supported on Secure FMC managed devices.

B.

Duo trust certificates are missing from the Secure FTD device.

C.

The internal AD server is unreachable from the Secure FTD device.

D.

AD Trust certificates are missing from the Secure FTD device.

Buy Now
Question # 81

An engineer must create an access control policy on a Cisco Secure Firewall Threat Defense device. The company has a contact center that utilizes VoIP heavily, and it is critical that this traffic is not …. by performance issues after deploying the access control policy Which access control Action rule must be configured to handle the VoIP traffic?

Options:

A.

monitor

B.

trust

C.

block

D.

allow

Buy Now
Question # 82

An organization has a compliancy requirement to protect servers from clients, however, the clients and servers all reside on the same Layer 3 network Without readdressing IP subnets for clients or servers, how is segmentation achieved?

Options:

A.

Deploy a firewall in transparent mode between the clients and servers.

B.

Change the IP addresses of the clients, while remaining on the same subnet.

C.

Deploy a firewall in routed mode between the clients and servers

D.

Change the IP addresses of the servers, while remaining on the same subnet

Buy Now
Question # 83

An administrator is setting up Cisco Firepower to send data to the Cisco Stealthwatch appliances. The NetFlow_Set_Parameters object is already created, but NetFlow is not being sent to the flow collector. What must be done to prevent this from occurring?

Options:

A.

Add the NetFlow_Send_Destination object to the configuration

B.

Create a Security Intelligence object to send the data to Cisco Stealthwatch

C.

Create a service identifier to enable the NetFlow service

D.

Add the NetFlow_Add_Destination object to the configuration

Buy Now
Exam Code: 300-710
Exam Name: Securing Networks with Cisco Firepower (300-710 SNCF)
Last Update: Jan 29, 2026
Questions: 385
300-710 pdf

300-710 PDF

$28.5  $94.99
 Add to Cart
300-710 Engine

300-710 Testing Engine

$33  $109.99
 Add to Cart
300-710 PDF + Engine

300-710 PDF + Testing Engine

$43.5  $144.99
 Add to Cart