CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Selected 300-710 CCNP Security Questions Answers

Page: 2 / 16
Total 278 questions
Get 300-710 Full Access Download 300-710 PDF

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Question 5

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?

Options:

A.

The interfaces are being used for NAT for multiple networks.

B.

The administrator is adding interfaces of multiple types.

C.

The administrator is adding an interface that is in multiple zones.

D.

The interfaces belong to multiple interface groups.

Question 6

Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

Options:

A.

The BVI IP address must be in a separate subnet from the connected network.

B.

Bridge groups are supported in both transparent and routed firewall modes.

C.

Bridge groups are supported only in transparent firewall mode.

D.

Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.

E.

Each directly connected network must be on the same subnet.

Question 7

A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

Options:

A.

A manual NAT exemption rule does not exist at the top of the NAT table.

B.

An external NAT IP address is not configured.

C.

An external NAT IP address is configured to match the wrong interface.

D.

An object NAT exemption rule does not exist at the top of the NAT table.

Question 8

What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?

Options:

A.

The rate-limiting rule is disabled.

B.

Matching traffic is not rate limited.

C.

The system rate-limits all traffic.

D.

The system repeatedly generates warnings.

Page: 2 / 16
Total 278 questions
Get 300-710 Full Access Download 300-710 PDF