Cisco 300-710 Exam Questions
Securing Networks with Cisco Firepower (300-710 SNCF) (Page 11)

Updated On: 24-Feb-2026

An engineer wants to change an existing transparent Cisco FTD to routed mode. The device controls traffic between two network segments.
Which action is mandatory to allow hosts to reestablish communication between these two segments after the change?

  A. Remove the existing dynamic routing protocol settings.
  B. Configure multiple BVIs to route between segments.
  C. Assign unique VLAN IDs to each firewall interface.
  D. Implement non-overlapping IP subnets on each segment.

Answer(s): D



An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the Internet.
Which configuration will meet this requirement?

  A. transparent firewall mode with IRB only
  B. routed firewall mode with BVI and routed interfaces
  C. transparent firewall mode with multiple BVIs
  D. routed firewall mode with routed interfaces only

Answer(s): C


Reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html



A network administrator is deploying a Cisco IPS appliance and needs it to operate initially without affecting traffic flows. It must also collect data to provide a baseline of unwanted traffic before being reconfigured to drop it.
Which Cisco IPS mode meets these requirements?

  A. failsafe
  B. inline tap
  C. promiscuous
  D. bypass

Answer(s): B



A network administrator is implementing an active/passive high availability Cisco FTD pair.
When adding the high availability pair, the administrator cannot select the secondary peer.
What is the cause?

  A. The second Cisco FTD is not the same model as the primary Cisco FTD.
  B. A high availability license must be added to the Cisco FMC before adding the high availability pair.
  C. The failover link must be defined on each Cisco FTD before adding the high availability pair.
  D. Both Cisco FTD devices are not at the same software version.

Answer(s): A



An administrator is configuring their transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port, but the Cisco FTD is not processing the traffic.
What is the problem?

  A. The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.
  B. The switches were not set up with a monitor session ID that matches the flow ID defined on the Cisco FTD.
  C. The Cisco FTD must be in routed mode to process ERSPAN traffic.
  D. The Cisco FTD must be configured with an ERSPAN port, not a passive port.

Answer(s): C





