Securing Networks with Cisco Firepower (300-710 SNCF) Exam (300-710) - Cisco Actual Exam Questions
Last updated on April 15, 2026
A network administrator configured a NAT policy that translates a public IP address to an internal web server IP address. An access policy has also been created that allows any source to reach the public IP address on port 80. The web server is still not reachable from the Internet on port 80. Which configuration change is needed?
The intrusion policy must be disabled for port 80.
The access policy rule must be configured for the action trust.
The NAT policy must be modified to translate the source IP address as well as destination IP address.
The access policy must allow traffic to the internal web server IP address.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Refer to the exhibit An engineer is modifying an access control pokey to add a rule to inspect all DNS traffic that passes through the firewall After making the change and deploying the pokey they see that DNS traffic is not bang inspected by the Snort engine What is the problem?
The rule must specify the security zone that originates the traffic
The rule must define the source network for inspection as well as the port
The action of the rule is set to trust instead of allow.
The rule is configured with the wrong setting for the source port
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A network administrator is implementing an active/passive high availability Cisco FTD pair. When adding the high availability pair, the administrator cannot select the secondary peer. What is the cause?
The second Cisco FTD is not the same model as the primary Cisco FTD.
An high availability license must be added to the Cisco FMC before adding the high availability pair.
The failover link must be defined on each Cisco FTD before adding the high availability pair.
Both Cisco FTD devices are not at the same software Version
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
An administrator is setting up Cisco Firepower to send data to the Cisco Stealthwatch appliances. The NetFlow_Set_Parameters object is already created, but NetFlow is not being sent to the flow collector. What must be done to prevent this from occurring?
Add the NetFlow_Send_Destination object to the configuration
Create a Security Intelligence object to send the data to Cisco Stealthwatch
Create a service identifier to enable the NetFlow service
Add the NetFlow_Add_Destination object to the configuration
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A network engineer must configure an existing firewall to have a NAT configuration. The now configuration must support more than two interlaces per context. The firewall has previously boon operating transparent mode. The Cisco Secure Firewall Throat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?
Run the configure manager add routed command from the Secure FTD device CL1, and reregister with Secure FMC.
Run the configure firewall routed command from the Secure FTD device CD, and reregister with Secure FMC.
Run the configure manager add routed command from the Secure FMC CLI. and reregister with Secure FMC.
Run the configure firewall routed command from the Secure FMC CLI. and reregister with Secure FMC.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.