300-710 SNCF

Securing Networks with Cisco Firewalls v1.1 (300-710)

Exam Description: Securing Networks with Cisco Firewalls v1.1 (SNCF 300-710) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate’s knowledge of Cisco Secure Firewall (formerly Cisco Firepower) and Cisco Secure Firewall Management Center (formerly Cisco Firepower Management Center), including policy configurations, integrations, deployments, management, and troubleshooting.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1. 30% Deployment
   1. Implement Secure Firewall Modes
      
      1. Routed mode
      2. Transparent mode
   2. Implement NGIPS modes
      
      1. Passive
      2.  Inline
   3.  Implement high-availability options
      
      1. Port channels
      2. Failover
      3. Equal-Cost Multipath (ECMP) routing
      4. Static route tracking
      5. Clustering
   4. 1.4 Describe virtual appliance on-premises and cloud deployment
2. 30% Configuration
   
   1. Configure system settings in the Secure Firewall Management Center
   2. Configure policies in the Secure Firewall Management Center
      
      1. Access control
      2. Intrusion
      3. Malware & File
      4. DNS
      5. Identity
      6. Decryption
      7. Prefilter
   3. Configure these features using the Secure Firewall Management Center
      
      1. Network discovery
      2. Application detectors
      3. Correlation
      4. Encrypted visibility engine
   4. Configure objects using the Secure Firewall Management Center
      
      1. Object management
      2. Intrusion rules
   5. Configure devices using the Secure Firewall Management Center
      
      1. Device management
      2. NAT
      3. VPN
      4. QoS
      5. Platform settings
      6. Certificates
      7. Routing
   6. Describe the use of Snort within Secure Firewall Threat Defense
3. 25% Management and Troubleshooting
   
   1. Troubleshoot with Secure Firewall Management Center GUI and device CLI
   2. Configure dashboards and reporting in the Secure Firewall Management Center
   3. Troubleshoot using:
      
      1. Packet capture procedures
      2. Packet Tracer
   4. Analyze risk and standard reports
   5. Describe device management tools
      
      1. Cisco Defense Orchestrator
      2. Cloud-delivered Firewall Management Center
      3. Secure Firewall Device Manager
      4. Secure Firewall Management Center
4. 15% Integration
   
   1. Configure Cisco Secure Firewall Malware Defense (formerly AMP for Networks) in Secure Firewall Management Center
   2. Configure Cisco Secure Endpoint (formerly AMP for Endpoints) integration with Secure Firewall Management Center
   3. Implement Threat Intelligence Director for third-party security intelligence feeds
   4. Describe using Cisco SecureX for security investigations
   5. Describe Secure Firewall Management Center integration using pxGrid
   6. Describe Rapid Threat Containment (RTC) functionality within the Secure Firewall Management Center
   7. Describe Cisco Security Analytics and Logging