300-710 Practice Test Questions

254 Questions


Topic 2: Configuration

What is the result of specifying a QoS rule that has a rate limit that is greater than the
maximum throughput of an interface?

A. The rate-limiting rule is disabled.
B. Matching traffic is not rate limited.
C. The system rate-limits all traffic.
D. The system repeatedly generates warnings.





Which command must be run to generate troubleshooting files on an FTD?

A. system support view-files
B. sudo sf_troubleshoot.pl
C. system generate-troubleshoot all
D. show tech-support





Drag and drop the steps to restore an automatic device registration failure on the standby
Cisco FMC from the left into the correct order on the right. Not all options are used.





Which two statements about deleting and re-adding a device to Cisco FMC are true?
(Choose two.)

A. An option to re-apply NAT and VPN policies during registration is available, so users do
not need to re-apply the policies after registration is completed.
B. Before re-adding the device in Cisco FMC, you must add the manager back in the
device.
C. No option to delete and re-add a device is available in the Cisco FMC web interface.
D. The Cisco FMC web interface prompts users to re-apply access control policies.
E. No option to re-apply NAT and VPN policies during registration is available, so users
need to re-apply the policies after registration is completed.





Which two packet captures does the FTD LINA engine support? (Choose two.)

A. Layer 7 network ID
B. source IP
C. application ID
D. dynamic firewall importing
E. protocol





Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)

A. The BVI IP address must be in a separate subnet from the connected network.
B. Bridge groups are supported in both transparent and routed firewall modes.
C. Bridge groups are supported only in transparent firewall mode.
D. Bidirectional Forwarding Detection echo packets are allowed through the FTD when using bridge-group members.
E. Each directly connected network must be on the same subnet.





Which CLI command is used to control special handling of ClientHello messages?

A. system support ssl-client-hello-tuning
B. system support ssl-client-hello-display
C. system support ssl-client-hello-force-reset
D. system support ssl-client-hello-enabled





Which Cisco Firepower feature is used to reduce the number of events received in a period
of time?

A. rate-limiting
B. suspending
C. correlation
D. thresholding





A company has many Cisco FTD devices managed by a Cisco FMC. The security model
requires that access control rule logs be collected for analysis. The security engineer is
concerned that the Cisco FMC will not be able to process the volume of logging that will be
generated. Which configuration addresses this concern?

A. Send Cisco FTD connection events and security events directly to a SIEM system for storage and analysis.
B. Send Cisco FTD connection events and security events to a cluster of Cisco FMC devices for storage and analysis.
C. Send Cisco FTD connection events and security events to Cisco FMC and configure it to forward logs to a SIEM for storage and analysis.
D. Send Cisco FTD connection events directly to a SIEM system and forward security events from Cisco FMC to the SIEM system for storage and analysis.





Which CLI command is used to generate firewall debug messages on a Cisco Firepower?

A. system support firewall-engine-debug
B. system support ssl-debug
C. system support platform
D. system support dump-table





What is a functionality of port objects in Cisco FMC?

A. to mix transport protocols when setting both source and destination port conditions in a
rule
B. to represent protocols other than TCP, UDP, and ICMP
C. to represent all protocols in the same way
D. to add any protocol other than TCP or UDP for source port conditions in access control
rules





An administrator is creating interface objects to better segment their network but is having
trouble adding interfaces to the objects. What is the reason for this failure?

A. The interfaces are being used for NAT for multiple networks.
B. The administrator is adding interfaces of multiple types.
C. The administrator is adding an interface that is in multiple zones.
D. The interfaces belong to multiple interface groups.





