An administrator is optimizing the Cisco FTD rules to improve network performance, and
wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD.
Which policy must be configured to accomplish this goal?

A.

prefilter

B.

intrusion

C.

identity

D.

URL filtering

On the advanced tab under inline set properties, which allows interfaces to emulate a
passive interface?

A.

transparent inline mode

B.

TAP mode

C.

strict TCP enforcement

D.

propagate link state

A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to
a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to
support?

A.

active/active failover

B.

transparent

C.

routed

D.

high availability clustering

Which Firepower feature allows users to configure bridges in routed mode and enables
devices to perform Layer 2 switching between interfaces?

A.

 FlexConfig

B.

BDI

C.

 SGT

D.

 IRB

Which action should be taken after editing an object that is used inside an access control
policy?

A.

Delete the existing object in use

B.

Refresh the Cisco FMC GUI for the access control policy.

C.

Redeploy the updated configuration

D.

Create another rule using a different object name.

Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?

A.

show running-config

B.

show tech-support chassis

C.

system support diagnostic-cli

D.

sudo sf_troubleshoot.pl

An organization is using a Cisco FTD and Cisco ISE to perform identity-based access
controls. A network administrator is analyzing the Cisco FTD events and notices that
unknown user traffic is being allowed through the firewall. How should this be addressed to
block the traffic while allowing legitimate user traffic? 

A.

Modify the Cisco ISE authorization policy to deny this access to the user.

B.

Modify Cisco ISE to send only legitimate usernames to the Cisco FTD. 

C.

Add the unknown user in the Access Control Policy in Cisco FTD.

D.

Add the unknown user in the Malware & File Policy in Cisco FTD.

After deploying a network-monitoring tool to manage and monitor networking devices in
your organization, you realize that you need to manually upload an MIB for the Cisco FMC.
In which folder should you upload the MIB file?

A.

/etc/sf/DCMIB.ALERT

B.

/sf/etc/DCEALERT.MIB

C.

/etc/sf/DCEALERT.MIB

D.

system/etc/DCEALERT.MIB

Which command-line mode is supported from the Cisco Firepower Management Center
CLI?

A.

privileged

B.

user

C.

configuration

D.

admin

A company is in the process of deploying intrusion prevention with Cisco FTDs managed
by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not
block the suspicious traffic. Which action accomplishes this task?

A.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

B.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

C.

Configure IPS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.

D.

Configure IDS mode when creating or editing a policy rule under the Cisco FMC
Intrusion tab in Access Policies section by checking the "Drop when inline" option. 

A network engineer is configuring URL Filtering on Firepower Threat Defense. Which two
port requirements on the Firepower Management Center must be validated to allow
communication with the cloud service? (Choose two.)

A.

outbound port TCP/443

B.

inbound port TCP/80

C.

outbound port TCP/8080

D.

inbound port TCP/443

E.

outbound port TCP/80

Which report template field format is available in Cisco FMC?

A.

box lever chart

B.

arrow chart

C.

bar chart

D.

benchmark chart