Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 300-710

Cisco 300-710 Exam
Securing Networks with Cisco Firepower (300-710 SNCF) (Page 9 )

Updated On: 12-Feb-2026
Page 9 of 84
PDF with 412 Questions

An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. The organization is unable to gather information about neighboring Cisco devices or use multicast in their environment.
What must be done to resolve this issue?

  1. Create a firewall rule to allow CDP traffic
  2. Create a bridge group with the firewall interfaces
  3. Change the firewall mode to transparent
  4. Change the firewall mode to routed

Answer(s): C



A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire. How should this be implemented?

  1. Specify the BVI IP address as the default gateway for connected devices
  2. Enable routing on the Cisco Firepower
  3. Add an IP address to the physical Cisco Firepower interfaces
  4. Configure a bridge group in transparent mode

Answer(s): D



Which two conditions must be met to enable high availability between two Cisco FTD devices? (Choose two.)

  1. same flash memory size
  2. same NTP configuration
  3. same DHCP/PPoE configuration
  4. same host name
  5. same number of interfaces

Answer(s): B,E



An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching.
Which action must be taken to meet these requirements?

  1. Configure an IPS policy and enable per-rule logging
  2. Disable the default IPS policy and enable global logging
  3. Configure an IPS policy and enable global logging
  4. Disable the default IPS policy and enable per-rule logging

Answer(s): A



Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN.
What must be configured to meet these requirements?

  1. redundant interfaces
  2. span EtherChannel clustering
  3. high availability active/standby firewalls
  4. multi-instance firewalls

Answer(s): D






Post your Comments and Discuss Cisco 300-710 exam prep with other Community members:

Join the 300-710 Discussion