« 返回题库列表为通过 CCNP 300-710 考试做好准备:2026年更新的历年真题。包括思科安全领域的相关内容,如300-710 SNCF | 思博网络。
为通过 CCNP 300-710 考试做好准备,使用最新的 2026 年历年真题。此外,还可以学习关于 Cisco Security 300-710 SNCF 的相关知识。 思博网络专注于提供高质量的练习测试、考试题库、样题以及模拟考试。 这项为期90分钟的考试与CCNP Security以及Cisco Certified Specialist – Network Security Firepower认证相关。该考试旨在评估考生对Cisco Firepower® Threat Defense和Firepower®的了解程度,涵盖政策配置、系统集成、部署、管理以及故障排除等方面的内容。 利用考试资料、考试答案以及试题和解答来加深理解,从而更好地准备考试。 可以免费使用各种测试题和在线历年真题,以模拟真实的考试场景,从而更好地进行考试练习。 使用考试模拟器来进行真实的考试模拟,从而增强自己通过考试的信心。 通过参加诸如《使用Cisco Firepower来保护网络》和《使用Cisco Firepower下一代入侵防御系统来保护网络》这样的课程,可以有效地做好防护工作。
问题 #1
Given the following output, which statements can be determined to be true? (Choose three.) RouterA2# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 192.168.23.2 1 FULL/BDR 00:00:29 10.24.4.2 FastEthernet1/0 192.168.45.2 2 FULL/BDR 00:00:24 10.1.0.5 FastEthernet0/0 192.168.85.1 1 FULL/- 00:00:33 10.6.4.10 Serial0/1 192.168.90.3 1 FULL/DR 00:00:32 10.5.5.2 FastEthernet0/1 192.168.67.3 1 FULL/DR 00:00:20 10.4.9.20 FastEthernet0/2 192.168.90.1 1 FULL/BDR 00:00:23 10.5.5.4 FastEthernet0/
A. This router is the DR for subnet 10.1.0.0.
B. The DR for the network connected to Fa0/0 has an interface priority greater than 2.
C. The DR for the network connected to Fa0/1 has a router ID of 10.5.5.2.
D. The DR for the serial subnet is 192.168.85.1.
E. This router is neither the DR nor the BDR for the Fa0/1 subnet.
F. RouterA2 is connected to more than one multi-access network.
问题 #2
Which command(s) will enable you to configure only serial interface 0 on a Cisco router?
A. router>interface serial 0
B. router#interface serial 0
C. router(config)#interface serial 0
D. router(config-if)#interface serial 0
问题 #3
A switch is powered up, and the system LED is amber. Which of the following describes this situation?
A. The switch is malfunctioning.
B. Utilization level is high.
C. The switch is performing normally.
D. There is a security violation on a switch port.
问题 #4
Which Cisco IOS command will display the following partial output?
A. show ip
B. show ip route
C. show ip route summary
D. show route summary
问题 #5
You have been asked to examine the following output to identify any security problems with the router. Its configuration is shown: What problems exist? (Choose all that apply.)
A. unencrypted privileged mode password
B. inappropriate wording in the banner message
C. weak password on the VTY line
D. Telnet users will not be prompted for a password
问题 #6
Which of the following statements is NOT true of Cisco ACI?
A. It is a comprehensive SDN architecture.
B. It uses Cisco APIC as the central management system.
C. It provides policy driven automation support.
D. It decreases network visibility.
问题 #7
A new switch is added to the network, and several production VLANs are shut down. Which of the following is a probable cause for this scenario? (Choose two.)
A. The new switch has a lower configuration revision number than existing switches.
B. The new switch has a higher configuration revision number than existing switches.
C. The new switch is operating in transparent mode.
D. The new switch is operating in server mode.
问题 #8
Which Cisco command will display the version and configuration data for Secure Shell (SSH)?
A. show ssh
B. show ip ssh
C. debug ssh
D. debug ip ssh
问题 #9
You need to configure Network Address Translation (NAT) to allow users access to the Internet. There are 62 private hosts that need Internet access using the private network 10.4.3.64 /26, and all of them will be translated into the public IP address of the serial interface. Which of the following NAT configurations will allow all 62 hosts to have simultaneous Internet access?
A. Router(config)# ip nat pool POOLNAME 10.4.3.64 /26 Router(config)# interface s0 Router(config-if)# ip nat inside source 1 pool POOLNAME overload
B. Router(config)# access-list 1 permit 10.4.3.64 0.0.0.127 Router(config)# interface s0/0 Router(config-if)# ip nat source list 1 pool POOLNAME overload
C. Router(config)# access-list 1 permit 10.4.3.64 /26 Router(config)# ip nat inside source list 1 interface serial 0
D. Router(config)# access-list 1 permit 10.4.3.64 0.0.0.63 Router(config)# ip nat inside source list 1 interface serial 0 overload
问题 #10
Which of the following situations could cause a switch to enter initial configuration mode upon booting?
A. Corrupt or missing image file in flash memory
B. Corrupt or missing configuration file in NVRAM memory
C. Corrupt or missing configuration file in flash memory
D. Corrupt or missing configuration file in ROM memory
问题 #11
Which statement is true regarding Inter-Switch Link (ISL) frame tagging?
A. ISL uses a native VLAN.
B. ISL works with non-Cisco switches.
C. ISL adds a 26-byte trailer and 4-byte header.
D. The original Ethernet frame is not modified.
问题 #12
What will be the output of the show cdp neighbors detail command issued on Router A? (Click the Exhibit(s) button to view the network diagram.)
A. Device ID: RTR2511Entry address(es): IP address: 178.10.20.1 Platform: cisco 2511, Capabilities: Router Interface Serial 0 ------------------------------------------ Device ID: RTR2611-Edge Entry address(es): IP address: 10.10.1.2 Platform: cisco 2611, Capabilities: Router Interface Ethernet 0
B. Device ID: RTR2611Entry address(es): IP address: 172.10.20.1 Platform: cisco 2611, Capabilities: Router Interface Ethernet 0 -------------------------------------------- Device ID: C2924C-123 Entry address(es): IP address: 10.10.1.3 Platform: cisco WS-C2924, Capabilities: Switch Interface Ethernet 0
C. Device ID: RTR2511Entry address(es): IP address: 178.10.20.2 Platform: cisco 2511, Capabilities: Router Interface Serial 0 ------------------------------------------ Device ID: C2924C-123 Entry address(es): IP address: 10.10.1.3 Platform: cisco WS-C2924, Capabilities: Switch Interface Ethernet 0
D. Device ID: RTR2611Entry address(es): IP address: 172.10.20.1 Platform: cisco 2611, Capabilities: Router Interface Ethernet 0
E. Device ID: C2924C- 123Entry address(es): IP address: 10.10.1.3 Platform: cisco WS-C2924, Capabilities: Switch Interface Ethernet 0
问题 #13
What will be the effect of executing the following command on port F0/1? switch(config-if)# switchport port-security mac-address 00C0.35F0.8301
A. The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on the switch port.
B. The command expressly prohibits the MAC address of 00c0.35F0.8301 as an allowed host on the switch port.
C. The command configures an inbound access control list on port F0/1 limiting traffic to the IP address of the host.
D. The command encrypts all traffic on the port from the MAC address of 00c0.35F0.8301.
问题 #14
A new security policy has been adopted by your company. One of its requirements is that only one host is permitted to attach dynamically to each switch port. The security settings on all of the ports have been altered from the default settings. You execute the following command on all switch ports of Switch A: SwitchA(config-if)# switchport port-security maximum 1 After executing the command, you discover that users in the Sales department are still successfully plugging a hub into a port and then plugging
A. The command should be executed at the global prompt.
B. The command should be executed as switchport port-security maximum 0.
C. You also need to execute the switchport port-security violation shutdown command at the global prompt.
D. You also need to execute the switchport port-security violation shutdown command on each switch port.
问题 #15
What switch security configuration requires AAA to be configured on the switch?
A. VACL
B. 802.1x
C. Private VLAN
D. port security
问题 #16
Which metric does the Open Shortest Path First (OSPF) routing protocol use for optimal path calculation?
A. MTU
B. Cost
C. Delay
D. Hop count
问题 #17
Which subnet is IP address 172.16.5.2 /23 a member of, and what is the broadcast address for that subnet?
A. subnet: 172.16.4.0, broadcast: 172.16.5.255
B. subnet: 172.16.5.0, broadcast: 172.16.5.255
C. subnet: 172.16.2.0, broadcast: 172.16.5.255
D. subnet: 172.16.0.0, broadcast: 172.16.7.255
问题 #18
Which statement is TRUE regarding the switchport protected interface configuration command and its effects?
A. The command is used to configure private VLAN edge ports.
B. The command enables the highest level switch port security.
C. All the traffic through protected port should go via a Layer 2 device such as switch.
D. A protected port can directly communicate with any other port on the same switch.
问题 #19
Which of the following methods of tunneling Internet Protocol version 6 (IPv6) traffic through an IPv4 network increases protocol overhead because of IPv6 headers?
A. Protocol translation
B. IPv6 over dedicated WAN links
C. Dual-Stack Backbones
D. IPv6 over IPv4 tunnels
问题 #20
Your assistant has been assigned the task of configuring one end of a WAN link between two offices. The link is a serial connection and the router on the other end is a non-Cisco router. The router in the other office has an IP address of 192.168.8.6/24. The connection will not come up, so you ask your assistant to show you the commands he configured on the Cisco router. The commands he executed are shown below. Ciscorouter(config)# interface serial0/0 Ciscorouter(config-if)# ip address 192.168.8.5 255.255.
A. Ciscorouter(config-if)# no ip address 192.168.8.5 Ciscorouter(config-if)# ip address 192.168.8.10
B. Ciscorouter(config-if)# encapsulation ppp
C. Ciscorouter(config-if)# encapsulation ansi
D. Ciscorouter(config-if)# authentication chap
问题 #21
Which type of switching process requires a switch to wait for the entire frame to be received before forwarding it to a destination port?
A. store and forward
B. cut-through
C. fragment free
D. frame-forward
问题 #22
Which Cisco IOS interface configuration command is used to configure the private VLAN edge ports on a Cisco Catalyst 2950 switch?
A. switchport protected
B. switchport port-security
C. switchport port-vlan-edge
D. switchport port-security violation
问题 #23
Router 5 has four interfaces. The networks hosted on each interface are as follows: Fa0/1 192.168.5.4/29 Fa0/2 192.168.6.0/24 Fa0/3 192.168.7.0/24 S0/0 172.16.5.0/24 You execute the following commands on the router: Router5(config)# router bgp 20 Router5(config-router)# network 192.168.5.0 Router5(config-router)# network 192.168.6.0 Router5(config-router)# network 192.168.7.0 Router5(config-router)# network 172.16.5.0 Router5(config-router)# neighbor 172.16.5.2 remote-as 50 Router5(config-router)# aggregate
A. 192.168.5.4/29
B. 172.16.5.0/24
C. 192.168.6.0/24
D. 192.168.7.0/24
E. none of these will be present
F. only network addresses beginning with 192 will be present
问题 #24
Which of the following are NOT valid IPv6 addresses? (Choose all that apply.)
A. 225.1.4.2
B. ::FFFF:10.2.4.1
C. ::
D. 2001:0:42:3:ff::1
E. fe80:2030:31:24
F. 2001:42:4:0:0:1:34:0
G. 2003:dead:bef:4dad:ab33:46:abab:62
问题 #25
Which Cisco IOS command will enable a switch to copy the configuration from NVRAM to its RAM?
A. copy tftp flash
B. copy running-config flash
C. copy startup-config flash
D. copy startup-config running-config
E. copy running-config startup config
问题 #26
In which of the following IPv6 address assignment methods will the interface receive its IPv6 address from a process native to IPv6, and receive additional parameters from DHCP?
A. Stateless DHCPv6
B. Stateful DHCPv6
C. DHCPv6-PD
D. Stateless autoconfiguration
问题 #27
Examine the following diagram: While troubleshooting an OSPF routing problem, you need to determine the cost for Router F to reach the 192.168.5.0 24 network via the best route. What will that cost be?
问题 #28
Which of the following are characteristics of Open Shortest Path First (OSPF)? (Choose three.)
A. Administrative distance of OSPF is 90
B. Administrative distance of OSPF is 110
C. OSPF uses the Dijkstra algorithm to calculate the SPF tree
D. OSPF uses the Diffusing Update algorithm (DUAL) algorithm to calculate the SPF tree
E. OSPF uses 224.0.0.5 as multicast address for ALLDRouters
F. OSPF uses 224.0.0.6 as multicast address for ALLDRouters
问题 #29
Examine the partial output of the show ip interface command below. What is the subnet broadcast address of the LAN connected to the router from which the command was executed?
A. 192.168.93.15
B. 192.168.93.255
C. 1.1.1.255
D. 1.1.1.127
问题 #30
You need to cable the network shown below. Which of the following is the correct cable for each numbered link?
A. 1-crossover, 2-staight-through, 3-rollover, 4- crossover, 5-crossover
B. 1-straight-through, 2-staight-through, 3-rollover, 4- crossover, 5-crossover
C. 1-crossover, 2-crossover, 3-rollover, 4- crossover, 5-crossover
D. 1-rollover, 2-crossover, 3-crossover, 4- straight-through, 5-straight through
问题 #31
Which two features do Cisco routers offer to mitigate distributed denial-of-service (DDoS) attacks? (Choose two.)
A. Anti-DDoS guard
B. Scatter tracing
C. Access control lists (ACLs)
D. Flow control
E. Rate limiting
问题 #32
Host A is configured for DHCP, but it is not receiving an IP address when it powers up. What is the most likely cause? (Click the Exhibit(s) button to view the network diagram.)
A. The DHCP server is on the wrong subnet.
B. Routers do not forward broadcast traffic.
C. The DHCP server is misconfigured.
D. Port security is enabled on the switch.
问题 #33
You are configuring a Cisco router. Which command would you use to convey a message regarding the remote access security policy of your organization to a user logging into the router?
A. hostname
B. banner motd
C. description
D. boot system
E. terminal monitor
问题 #34
Which statement is supported by the following output? router# show ip protocols Routing Protocol is "eigrp 3" Sending updates every 90 seconds, next due in 24 seconds <> EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 1 Redistributing: eigrp 3 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 172.160.72.0 192.168.14.0 <
A. EIGRP supports load-balancing over three equal-cost paths
B. EIGRP supports load-balancing over three unequal-cost paths
C. EIGRP supports load-balancing over four equal-cost paths
D. EIGRP supports load-balancing over four unequal-cost paths
问题 #35
Which VLAN can NOT be filtered through the VLAN Trunking Protocol (VTP) Pruning feature of Cisco switches?
A. VLAN 1
B. VLAN 10
C. VLAN 100
D. VLAN 1000
问题 #36
You are the senior network administrator for a large corporation. Some new trainees have recently joined the network security team. You are educating them about denial-of-service (DoS) attacks and the risks posed to a network by such attacks. Which three are risks that a DoS attack poses to a network? (Choose three.)
A. Downtime and productivity loss
B. Spread of viruses
C. Revenue loss
D. Information theft
E. Spread of spyware
问题 #37
The conference room has a switch port available for use by the presenter during classes. You would like to prevent that port from hosting a hub or switch. Which of the following commands could be used to prevent that port from hosting a hub or switch?
A. switchport port-security maximum
B. switchport port-security mac address sticky
C. switchport port-security mac address
D. switchport port-security
问题 #38
Which statement correctly identifies a difference between Inter-Switch Link (ISL) and 802.1q?
A. 802.1q uses a native VLAN, ISL does not.
B. Cisco devices support only ISL.
C. ISL uses a 12-bit VLAN number field, and 802.1q does not.
D. ISL modifies the original Ethernet frame, while 802.1q encapsulates the original Ethernet frame.
闽公网安备 35012102500533号
|
闽ICP备18010967号-7