Selected 300-710 CCNP Security Questions Answers

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Question 5

Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?

Options:

a default DMZ policy for which only a user can change the IP addresses.

deny ip any

no policy rule is included

permit ip any

Question 6

An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant. Which IPS mode should be implemented to meet these requirements?

Options:

Inline tap

passive

transparent

routed

Question 7

A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire How should this be implemented?

Options:

Specify the BVl IP address as the default gateway for connected devices.

Enable routing on the Cisco Firepower

Add an IP address to the physical Cisco Firepower interfaces.

Configure a bridge group in transparent mode.

Question 8

Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?

Options:

Cisco Firepower Threat Defense mode

transparent mode

routed mode

integrated routing and bridging

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Selected 300-710 CCNP Security Questions Answers

Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce