New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CCNP Security 300-710 Exam Questions and Answers PDF

Page: 2 / 18
Question 8

When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network. It is currently configured to have more than one instance of the same device on the physical appliance Which deployment mode meets the needs of the organization?

Options:

A.

inline tap monitor-only mode

B.

passive monitor-only mode

C.

passive tap monitor-only mode

D.

inline mode

Question 9

Which two deployment types support high availability? (Choose two.)

Options:

A.

transparent

B.

routed

C.

clustered

D.

intra-chassis multi-instance

E.

virtual appliance in public cloud

Question 10

What is a result of enabling Cisco FTD clustering?

Options:

A.

For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.

B.

Integrated Routing and Bridging is supported on the master unit.

C.

Site-to-site VPN functionality is limited to the master unit, and all VPN connections are dropped if the master unit fails.

D.

All Firepower appliances can support Cisco FTD clustering.

Question 11

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

Options:

A.

Configure an IPS policy and enable per-rule logging.

B.

Disable the default IPS policy and enable global logging.

C.

Configure an IPS policy and enable global logging.

D.

Disable the default IPS policy and enable per-rule logging.

Page: 2 / 18
Exam Code: 300-710
Exam Name: Securing Networks with Cisco Firepower (300-710 SNCF)
Last Update: Dec 23, 2024
Questions: 325
300-710 pdf

300-710 PDF

$28.5  $94.99
300-710 Engine

300-710 Testing Engine

$33  $109.99
300-710 PDF + Engine

300-710 PDF + Testing Engine

$43.5  $144.99