CCNP Security 300-710 Exam Questions and Answers PDF

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Question 21

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

Options:

Configure an IPS policy and enable per-rule logging.

Disable the default IPS policy and enable global logging.

Configure an IPS policy and enable global logging.

Disable the default IPS policy and enable per-rule logging.

Question 22

An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?

Options:

prefilter

intrusion

identity

URL filtering

Question 23

An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?

Options:

Deploy the firewall in transparent mode with access control policies.

Deploy the firewall in routed mode with access control policies.

Deploy the firewall in routed mode with NAT configured.

Deploy the firewall in transparent mode with NAT configured.

Question 24

Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?

Options:

Windows domain controller

audit

triage

protection

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CCNP Security 300-710 Exam Questions and Answers PDF

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

CompTIA

Fortinet

Microsoft

Salesforce