1. Home
  2. Cisco
  3. CCNP Security
  4. 300-710
  5. Securing Networks with Cisco Firepower (300-710 SNCF) Questions and Answers

Pass the Cisco CCNP Security 300-710 Questions and answers with CertsForce

 Cisco Exams      Go to Exam Detail      Get Premium Access
Viewing page 4 out of 10 pages
Viewing questions 31-40 out of questions
Questions # 31:

Which command must be run to generate troubleshooting files on an FTD?

Options:
A.

system support view-files

B.

sudo sf_troubleshoot.pl

C.

system generate-troubleshoot all

D.

show tech-support

Expert Solution
Questions # 32:

What is the benefit of selecting the trace option for packet capture?

Options:
A.

The option indicates whether the packet was dropped or successful.

B.

The option indicated whether the destination host responds through a different path.

C.

The option limits the number of packets that are captured.

D.

The option captures details of each packet.

Expert Solution
Questions # 33:

How many report templates does the Cisco Firepower Management Center support?

Options:
A.

20

B.

10

C.

5

D.

unlimited

Expert Solution
Questions # 34:

When do you need the file-size command option during troubleshooting with packet capture?

Options:
A.

when capture packets are less than 16 MB

B.

when capture packets are restricted from the secondary memory

C.

when capture packets exceed 10 GB

D.

when capture packets exceed 32 MB

Expert Solution
Questions # 35:

A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)

Options:
A.

outbound port TCP/443

B.

inbound port TCP/80

C.

outbound port TCP/8080

D.

inbound port TCP/443

E.

outbound port TCP/80

Expert Solution
Questions # 36:

What is a functionality of port objects in Cisco FMC?

Options:
A.

to mix transport protocols when setting both source and destination port conditions in a rule

B.

to represent protocols other than TCP, UDP, and ICMP

C.

to represent all protocols in the same way

D.

to add any protocol other than TCP or UDP for source port conditions in access control rules.

Expert Solution
Questions # 37:

Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?

Options:
A.

configure coredump packet-engine enable

B.

capture-traffic

C.

capture

D.

capture WORD

Expert Solution
Questions # 38:

Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)

Options:
A.

An option to re-apply NAT and VPN policies during registration is available, so users do not need to re- apply the policies after registration is completed.

B.

Before re-adding the device in Cisco FMC, you must add the manager back in the device.

C.

No option to delete and re-add a device is available in the Cisco FMC web interface.

D.

The Cisco FMC web interface prompts users to re-apply access control policies.

E.

No option to re-apply NAT and VPN policies during registration is available, so users need to re-apply the policies after registration is completed.

Expert Solution
Questions # 39:

What is the maximum bit size that Cisco FMC supports for HTTPS certificates?

Options:
A.

1024

B.

8192

C.

4096

D.

2048

Expert Solution
Questions # 40:

Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

Options:
A.

system support firewall-engine-debug

B.

system support ssl-debug

C.

system support platform

D.

system support dump-table

Expert Solution
Viewing page 4 out of 10 pages
Viewing questions 31-40 out of questions