Free Cisco 300-710 Practice Questions 2026 | Securing Networks with Cisco Firepower (300-710 SNCF)

IT management is asking the network engineer to provide high-level summary statistics of
the Cisco FTD appliance in the network. The business is approaching a peak season so
the need to maintain business uptime is high. Which report type should be used to gather
this information?

A.

Malware Report

B.

Standard Report

C.

SNMP Report

D.

Risk Report

A network engineer is extending a user segment through an FTD device for traffic
inspection without creating another IP subnet How is this accomplished on an FTD device
in routed mode?

A.

by leveraging the ARP to direct traffic through the firewall

B.

by assigning an inline set interface

C.

by using a BVI and create a BVI IP address in the same subnet as the user segment

D.

by bypassing protocol inspection by leveraging pre-filter rules

An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring? 

A.

The NAT ID is required since the Cisco FMC is behind a NAT device.

B.

The IP address used should be that of the Cisco FTD. not the Cisco FMC.

C.

DONOTRESOLVE must be added to the command

D.

The registration key is missing from the command 

An organization does not want to use the default Cisco Firepower block page when
blocking HTTP traffic. The organization wants to include information about its policies and
procedures to help educate the users whenever a block occurs. Which two steps must be
taken to meet these requirements? (Choose two.) 

A.

Modify the system-provided block page result using Python.

B.

Create HTML code with the information for the policies and procedures. 

C.

Edit the HTTP request handling in the access control policy to customized block. 

D.

Write CSS code with the information for the policies and procedures. 

E.

Change the HTTP response in the access control policy to custom. 

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.) 

A.

dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7application protocols.

B.

reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists

C.

network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country

D.

network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country

E.

reputation-based objects, such as URL categories 

An engineer is investigating connectivity problems on Cisco Firepower that is using service
group tags. Specific devices are not being tagged correctly, which is preventing clients from
using the proper policies when going through the firewall How is this issue resolved?

A.

Use traceroute with advanced options

B.

Use Wireshark with an IP subnet filter

C.

Use a packet capture with match criteria

D.

Use a packet sniffer with correct filtering

An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-topeer
applications are being used on the network and they must identify which poses the
greatest risk to the environment. Which report gives the analyst this information?

A.

Attacks Risk Report

B.

User Risk Report

C.

Network Risk Report

D.

Advanced Malware Risk Report

With a recent summer time change, system logs are showing activity that occurred to be an
hour behind real time Which action should be taken to resolve this issue?

A.

Manually adjust the time to the correct hour on all managed devices

B.

Configure the system clock settings to use NTP with Daylight Savings checked

C.

Manually adjust the time to the correct hour on the Cisco FMC.

D.

Configure the system clock settings to use NTP

An organization recently implemented a transparent Cisco FTD in their network.
They must ensure that the device does not respond to insecure SSL/TLS protocols.
Which action accomplishes the task?

A.

Modify the device's settings using the device management feature within Cisco FMC to
force only
secure protocols

B.

Use the Cisco FTD platform policy to change the minimum SSL version on the device to TLS 1.2.

C.

Enable the UCAPL/CC compliance on the device to support only the most secure
protocols available.

D.

Configure a FlexConfig object to disable any insecure TLS protocols on the Cisco FTD
device.

In a multi-tennent deployment where multiple domains are in use. which update should be
applied outside of the Global Domain?

A.

minor upgrade

B.

local import of intrusion rules

C.

Cisco Geolocation Database

D.

local import of major upgrade