Lead4Pass provides 300-710 dumps with PDF and VCE containing 238 exam questions and answers, which is the best solution for taking the 2023 CCNP Security 300-710 SNCF certification exam.
Download the 300-710 dumps that truly guarantee your success: https://www.leads4pass.com/300-710.html, with 365 days of free updates.
Experience some of the latest 300-710 exam questions and answers online
Number of exam questions | Exam name | Exam code |
15 | Securing Networks with Cisco Firepower (SNCF) | 300-710 |
Question 1:
A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?
A. Add the hash to the simple custom deletion list.
B. Use regular expressions to block the malicious file.
C. Enable a personal firewall in the infected endpoint.
D. Add the hash from the infected endpoint to the network block list.
Correct Answer: A
Question 2:
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?
A. show running-config
B. show tech-support chassis
C. system support diagnostic-cli
D. sudo sf_troubleshoot.pl
Correct Answer: D
Question 3:
The CIO asks a network administrator to present to management a dashboard that shows custom analysis tables for the top DNS queries URL category statistics, and URL reputation statistics. Which action must the administrator take to quickly produce this information for management?
A. Run the Attack report and filter on DNS to show this information.
B. Create a new dashboard and add three custom analysis widgets that specify the tables needed.
C. Modify the Connection Events dashboard to display the information in a view for management.
D. Copy the intrusion events dashboard tab and modify each widget to show the correct charts.
Correct Answer: B
Question 4:
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to a different VLAN on the same switch.
Which firewall mode is the Cisco FTD set up to support?
A. active/active failover
B. transparent
C. routed
D. high availability clustering
Correct Answer: B
Question 5:
A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it. Which Cisco IPS mode meets these requirements?
A. failsafe
B. inline tap
C. promiscuous
D. bypass
Correct Answer: B
Question 6:
Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?
A. Cisco Firepower Threat Defense mode
B. transparent mode
C. routed mode
D. integrated routing and bridging
Correct Answer: B
Question 7:
An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?
A. Configure an IPS policy and enable per-rule logging.
B. Disable the default IPS policy and enable global logging.
C. Configure an IPS policy and enable global logging.
D. Disable the default IPS policy and enable per-rule logging.
Correct Answer: C
Question 8:
Which description of a correlation, and policy configuration in the Cisco Firepower Management Center, is true?
A. Correlation policy priorities override whitelist priorities.
B. The system displays correlation policies that are created on all of the domains in a multi-domain deployment.
C. You cannot add a host profile qualification to a correlation rule that is triggered by a malware event.
D. Deleting a response group deletes the responses of that group.
Correct Answer: C
Question 9:
Which report template field format is available in Cisco FMC?
A. box lever chart
B. arrow chart
C. bar chart
D. benchmark chart
Correct Answer: C
Question 10:
An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this file lookup? (Choose two.)
A. The Cisco FMC needs to include an SSL decryption policy.
B. The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.
C. The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.
D. The Cisco FMC needs to connect with the FireAMP Cloud.
E. The Cisco FMC needs to include a file inspection policy for malware lookup.
Correct Answer: BE
Question 11:
Which function is the primary function of the Cisco AMP Threat Grid?
A. It analyzes copies of packets from the packet flow
B. The device is deployed in a passive configuration
C. If a rule is triggered the device generates an intrusion event.
D. The packet flow traverses the device
E. If a rule is triggered the device drops the packet
Correct Answer: AC
Question 12:
Which Cisco AMP for Endpoints policy is used only for monitoring endpoint activity?
A. Windows domain controller
B. audit
C. triage
D. protection
Correct Answer: B
Question 13:
Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)
A. EIGRP
B. OSPF
C. static routing
D. IS-IS
E. BGP
Correct Answer: BE
Question 14:
An analyst using the security analyst account permissions is trying to view the Correlations Events Widget but is not able to access it. However, other dashboards are accessible. Why is this occurring?
A. The widget is configured to display only when active events are present
B. The security analyst role does not have permission to view this widget
C. An API restriction within the Cisco FMC is preventing the widget from displaying
D. The widget is not configured within the Cisco FMC
Correct Answer: D
Question 15:
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?
A. rate-limiting
B. suspending
C. correlation
D. thresholding
Correct Answer: D
…
Lead4Pass 300-710 dumps contain 238 up-to-date exam questions and answers, verified by industry experts to be true and effective, prepare for the 2023 CCNP Security 300-710 SNCF certification exam immediately: https://www.leads4pass.com/300-710.html, Passed with success on the first try.