Share your SNCF Experience

Hi All,
The exam questions are all valid, passed my exam yesterday.

@ccnp_dude Are all the answers right?

Took the exam before I discovered the site a few days ago, many of the questions if not all are in part 1 of the questions, will be retaking on Sunday. Also can the composite quizzes for section 1 40-60 be updated? Shows there no quiz.

Hi Anonymous, Not all questions were right. I cant recollect all the answers, but i did some research while using the dumps provided and manged to clear the exam.. But for sure all questions were from the same dumps.

Just passed most questions came from section 1 and 3, I don’t recall seeing anything from section 2. Not sure of my score but was good enough to pass!!!

Are the questions from Part 1and 2 enough to pass?

Just passed the exam..all the questions have come from the three sections, but will recommend to double check answers of section 1 and 2 from other sources. @CiscoX you need to prepare from all the sections and sections 3 is very important in particular. Good luck!!

I passed the exam today. Most of question are from Part 1. I dont have access on Part 3 so I cannot really say whats on it.

Hi, Kindly advise on which part should i concentrate on for the exam.

Anyone passed this exam in recent few days?

An engineer is configuring multiple Cisco FTD appliances for use in the network. Which rule must the engineer follow while defining interface objects in Cisco FMC for use with interfaces across multiple devices?

A. Two security zones can contain the same interface.
B. An interface cannot belong to a security zone and an interface group.
C. Interface groups can contain multiple interface types.
D. Interface groups can contain interfaces from many devices.

Answer: A

Explanation

There are two types of interface objects:
+ Security zones – An interface can belong to only one security zone -> Answer A is correct.
+ Interface groups – An interface can belong to multiple interface groups (and to one security zone) -> Answer B is not correct.

All interfaces in an interface object must be of the same type: all inline, passive, switched, routed, or ASA FirePOWER (-> Answer C is not correct). After you create an interface object, you cannot change the type of interfaces it contains.

Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/reusable_objects.html

should this not be B?

A security engineer is deploying a pair of primary and secondary Cisco FMC devices. The secondary must also receive updates from Cisco Talos. Which action achieves this goal?

A.Force failover for the secondary Cisco FMC to synchronize the rule updates from the primary.
B.Manually import rule updates onto the secondary Cisco FMC device.
C.Configure the primary Cisco FMC so that the rules are updated.
D.Configure the secondary Cisco FMC so that it receives updates from Cisco Talos.

Is the answer C?

A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses concern this?

A.Send Cisco FTD connection events and security events directly to SIEM system for storage and analysis
B.Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to SIEM for storage and analysis
C.Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis
D.Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis

Is the correct answer A?

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?
A. inline set
B. passive
C. routed
D. inline tap

Answer A?

How much questions are in Part 3? Anyone passed the exam?

Passed exam last week. All questions were from this site. Most were from Section 1 & 3. Pay the $19 and get a premium account. Google answers you are not sure of. Not all answers are correct.

Just passed the exam today. No new questions. Not all answers are correct.

*SNCF can you remebmber which are wrong and send the correct answers here?

Passt today all questions are here.Not all answers correct. Thanks!

An engineer attempts to pull the configuration for a Cisco FTD sensor to review with Cisco TAC but does not have direct access to the CLI for the device. The CLI for the device is managed by Cisco FMC to which the engineer has access. Which action in Cisco FMC grants access to the CLI for the device?

A.Create a backup of the configuration within the Cisco FMC.
B.Download the configuration file within the File Download section of Cisco FMC.
C.Export the configuration using the Import/Export tool within Cisco FMC.
D.Use the show run all command in the Cisco FTD CLI feature within Cisco FMC.

Is D the correct answer?

An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the Internet. Which configuration will meet this requirement?

A. routed firewall mode with BVI and routed interfacescorrect
B. transparent firewall mode with IRB onlywrong
C. transparent firewall mode with multiple BVIs
D. routed firewall mode with routed interfaces only

Is this c?

An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events are filling the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?
A. Exclude load balancers and NAT devices.
B. Leave default networks.
C. Increase the number of entries on the NAT device.
D. Change the method to TCP/SYN.

answer is a

Which Cisco FMC report gives the analyst information about the ports and protocols that are related to the configured sensitive network for analysis?

A.Network Report
B.Malware Report
C.Host Report
D.Firepower Report

A?

An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?
A. The interfaces are being used for NAT for multiple networks
B. The administrator is adding interfaces of multiple types
C. The administrator is adding an interface that is in multiple zones
D. The interfaces belong to multiple interface groups

b?

An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant. Which IPS mode should be implemented to meet these requirements?

A. routed
B. passive
C. inline tap
D. transparent

passive

A network administrator is implementing an active/passive high availability Cisco FTD pair. When adding the high availability pair, the administrator cannot select the secondary peer. What is the cause?

A.An high availability license must be added to the Cisco FMC before adding the high availability pair.
B.Both Cisco FTD devices are not at the same software version.
C.The second Cisco FTD is not the same model as the primary Cisco FTD.
D.The failover link must be defined on each Cisco FTD before adding the high availability pair.

c?

Passed the exam 2days ago most of the questions are on part 1.

With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?

A.routed
B.inline tap
C.passive
D.inline set

I think this is B inline tap

any one used this dump and passed recently?
i see all the answers 90% correct why people says not correct..

Q. Which two characteristics represent a Cisco device operating in tap mode? (Choose two.)
A. It analyzes copies of packets from the packet flow
B. The device is deployed in a passive configuration
C. If a rule is triggered the device generates an intrusion event.
D. The packet flow traverses the device
E. If a rule is triggered the device drops the packet

Ans: A E

Please correct if required

Also note that:

Tap Mode
This option restricts the inline pair to viewing the data and reporting only. It doesn’t
enable blocking or denying any packets.

so the correct answers would be A D

Thank you, passed exam today.
All questions from here. Love from
Zimbabwe

what is meant by “VLAN rewriting” in questions, anyone can advice pls

@ zimbabwe congras , how many questions you got for how much time? did you have D&D ? if yes, how many?

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A. Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC
B. Shut down the active Cisco FTD device before powering up the replacement unit
C. Shut down the Cisco FMC before powering up the replacement unit
D. Unregister the faulty Cisco FTD device from the Cisco FMC

Answer: A

should be D ? pls advise thanks

@Anonymous – congrats
what you mean by Labs ?

Thank you so much for everything!! I was super good thanks to the page. The premium section is recommended since you could practice as if it were the exam,

Cheers!!

Hi all, pased exam today. thanks for the support cftut. success!

passed exam today, all question from cftut. thanks alot and worth buying premium account

anyone did the exam recently ?
SNCF Questions – Part 1 is enough or i have to read Part-2 as well

any advice please?

i have red Group 1 only and i scheduled my exam for tomorrow, wish me a good luck, i will keep you posted!

do you any updates for us ?

Failed my exam today, the questions are not valid.

I’d like to know if the questions are still valid.
I’ll have the exam next week likely.

How many questions are in part 3 ?

Are the questions valid? can anyone confirm?

i wrote exam this monday and i passed.
i had 61 Questions, 11 Quesitions are new.

Sorry i can not rememebr them

No lab sim for exam ?

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A. Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC
B. Shut down the active Cisco FTD device before powering up the replacement unit
C. Shut down the Cisco FMC before powering up the replacement unit
D. Unregister the faulty Cisco FTD device from the Cisco FMC

should the answer be D?

Are the questions valid? can anyone confirm?