Cisco 300-710 SNCF and 300-720 SESA CCNP SEC Exam Tests 2026

Welcome to Exam Cisco Certified Network Professional (CCNP) Security 300-710 SNCF and 300-720 SESA Verified QA Tests 2026

Securing Networks with Cisco Firewalls (300-710) :-

Securing Networks with Cisco Firewalls (SNCF 300-710) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of Cisco Secure Firewall (formerly Cisco Firepower) and Cisco Secure Firewall Management Center (formerly Cisco Firepower Management Center), including policy configurations, integrations, deployments, management, and troubleshooting.

300-710 SNCF Exam Topics -

1.0 Deployment

1.1 Implement Secure Firewall modes

1.1.a Routed mode

1.1.b Transparent mode

1.2 Implement NGIPS modes

1.2.a Passive

1.2.b Inline

1.3 Implement high availability options

1.3.a Port channels

1.3.b Failover

1.3.c Equal-Cost Multipath (ECMP) routing

1.3.d Static route tracking

1.3.e Clustering

1.4 Describe virtual appliance on-premises and cloud deployment

2.0 Configuration

2.1 Configure system settings in Secure Firewall Management Center

2.2 Configure policies in Secure Firewall Management Center

2.2.a Access control

2.2.b Intrusion

2.2.c Malware & File

2.2.d DNS

2.2.e Identity

2.2.f Decryption

2.2.g Prefilter

2.3 Configure these features using Secure Firewall Management Center

2.3.a Network discovery
2.3.b Application detectors
2.3.c Correlation
2.3.d Encrypted visibility engine
2.4 Configure objects using Secure Firewall Management Center
2.4.a Object management
2.4.b Intrusion rules
2.5 Configure devices using Secure Firewall Management Center
2.5.a Device management
2.5.b NAT
2.5.c VPN
2.5.d QoS
2.5.e Platform settings
2.5.f Certificates
2.5.g Routing
2.6 Describe the use of Snort within Secure Firewall Threat Defense
3.0 Management and Troubleshooting
3.1 Troubleshoot with Secure Firewall Management Center GUI and device CLI
3.2 Configure dashboards and reporting in Secure Firewall Management Center
3.3 Troubleshoot using:
3.3.a packet capture procedures
3.3.b Packet Tracer
3.4 Analyze risk and standard reports
3.5 Describe device management tools
3.5.a Cisco Defense Orchestrator
3.5.b Cloud-delivered Firewall Management Center
3.5.c Secure Firewall Device Manager
3.5.d Secure Firewall Management Center
4.0 Integration
4.1 Configure Cisco Secure Firewall Malware Defense (formerly AMP for Networks) in Secure Firewall Management Center
4.2 Configure Cisco Secure Endpoint (formerly AMP for Endpoints) integration with Secure Firewall Management Center
4.3 Implement Threat Intelligence Director for third-party security intelligence feeds
4.4 Describe using Cisco SecureX for security investigations
4.5 Describe Secure Firewall Management Center integration using pxGrid
4.6 Describe Rapid Threat Containment (RTC) functionality within Secure Firewall Management Center
4.7 Describe Cisco Security Analytics and Logging

Securing Email with Cisco Secure Email Gateway  (300-720)

Securing Email with Cisco Secure Email Gateway (SESA 300-720) is a 90-minute exam associated with the CCNP Security Certification. This exam certifies a candidate's knowledge of Cisco Secure Email Gateway (formerly Cisco Email Security Appliance), including administration, spam control and antispam, message filters, data loss prevention, LDAP, email authentication and encryption, and system quarantines and delivery methods.

300-720 SESA Exam Topics -

1.0 Administration

1.1 Configure Cisco Secure Email Gateway features

1.1.a Hardware and virtual machine performance specifications

1.1.b Initial configuration process

1.1.c Routing and delivery features

1.1.d GUI

1.1.e Manage certificate authorities

1.1.f Logging

1.2 Describe centralized services on a Cisco Secure Email and Web Manager

1.3 Configure mail policies

1.3.a Incoming and outgoing messages

1.3.b User matching

1.3.c Message splintering

1.4 Integrate Cisco Secure Email Gateway with SecureX

1.5 Configure Cisco Secure Email Threat Defense

2.0 Spam Control with Talos SenderBase and Antispam

2.1 Control spam with Talos SenderBase and Antispam

2.2 Describe graymail management solution

2.3 Configure file reputation filtering and file analysis features

2.4 Implement malicious or undesirable URLs protection

2.5 Describe the bounce verification feature

3.0 Content and Message Filters

3.1 Describe the functions and capabilities of content filters

3.2 Create text resources such as content dictionaries, disclaimers, and templates

3.2.a Dictionary filter rules

3.2.b Text resources management

3.3 Configure message filters components, rules, processing order, and attachment scanning

3.4 Configure scan behavior

3.5 Configure the Cisco Secure Email Gateway to scan for viruses using Sophos and McAfee scanning engines

3.6 Configure outbreak filters

3.7 Configure Data Loss Prevention (DLP)

4.0 LDAP and SMTP Sessions

4.1 Configure and verify LDAP servers and queries (Queries and Directory Harvest Attack)

4.2 Understand spam quarantine functions

4.2.a Authentication for end users of spam quarantine

4.2.b Use spam quarantine alias to consolidate queries

4.3 Understand SMTP functionality

4.3.a Email pipeline

4.3.b Sender and recipient domains

4.3.c SMTP session authentication using client certificates

4.3.d SMTP TLS authentication

4.3.e TLS email encryption

5.0 Email Authentication and Encryption

5.1 Configure Domain Keys and DKIM signing

5.2 Configure SPF and SIDF

5.3 Configure DMARC verification

5.4 Configure forged email detection

5.5 Configure email encryption

5.6 Describe S/MIME security services and communication encryption with other MTAs

5.7 Configure Cisco Secure Email

6.0 System Quarantines and Delivery Methods

6.1 Configure quarantine (spam, policy, virus, and outbreak)

6.2 Use safelists and blocklists to control email delivery

6.3 Manage messages in local or external spam quarantines

6.4 Configure virtual gateways