Topic 2: Configuration
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?
A. VPN connections can be re-established only if the failed master unit recovers.
B. Smart License is required to maintain VPN connections simultaneously across all cluster units.
C. VPN connections must be re-established when a new master unit is elected.
D. Only established VPN connections are maintained when a new master unit is elected.
Answer: C. VPN connections must be re-established when a new master unit is elected.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/clustering/ftdcluster-solution.html#concept_g32_yml_y2b
Which Cisco Advanced Malware Protection for Endpoints policy is used only for actively monitoring endpoints?
A. Windows domain controller
B. audit
C. triage
D. protection
Answer: B. audit
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
A. Traffic inspection can be interrupted temporarily when configuration changes are deployed.
B. The system performs intrusion inspection followed by file inspection.
C. They can block traffic based on Security Intelligence data.
D. File policies use an associated variable set to perform intrusion prevention.
E. The system performs a preliminary inspection on trusted traffic to validate that it matches the trusted parameters.
Answer: A and C. Traffic inspection can be interrupted temporarily when configuration changes are deployed. They can block traffic based on Security Intelligence data.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Access_Control_Using_Intrusion_and_File_Policies.html
Which two actions can be used in an access control policy rule? (Choose two.)
A. Block with Reset
B. Monitor
C. Analyze
D. Discover
E. Block ALL
Answer: A and B. Block with Reset; Monitor
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-moduleuser-guide/asa-firepower-module-user-guide-v541/AC-Rules-TuningOverview.html#71854
An engineer has been tasked with using Cisco FMC to determine if files being sent through the network are malware. Which two configuration tasks must be performed to achieve this file lookup? (Choose two.)
A. The Cisco FMC needs to include a SSL decryption policy.
B. The Cisco FMC needs to connect to the Cisco AMP for Endpoints service.
C. The Cisco FMC needs to connect to the Cisco ThreatGrid service directly for sandboxing.
D. The Cisco FMC needs to connect with the FireAMP Cloud.
E. The Cisco FMC needs to include a file inspection policy for malware lookup.
Answer: D and E. The Cisco FMC needs to connect with the FireAMP Cloud. The Cisco FMC needs to include a file inspection policy for malware lookup.
An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events are filling the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?
A. Leave default networks.
B. Change the method to TCP/SYN.
C. Increase the number of entries on the NAT device.
D. Exclude load balancers and NAT devices.
Answer: D. Exclude load balancers and NAT devices.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Network_Discovery_Policies.html
Refer to the exhibit.
What must be done to fix access to this website while preventing the same communication to all other websites?
A. Create an intrusion policy rule to have Snort allow port 80 to only 172.1.1.50.
B. Create an access control policy rule to allow port 80 to only 172.1.1.50.
C. Create an intrusion policy rule to have Snort allow port 443 to only 172.1.1.50.
D. Create an access control policy rule to allow port 443 to only 172.1.1.50.
Answer: B. Create an access control policy rule to allow port 80 to only 172.1.1.50.
An organization has a compliance requirement to protect servers from clients; however, the clients and servers all reside on the same Layer 3 network. Without readdressing IP subnets for clients or servers, how is segmentation achieved?
A. Deploy a firewall in transparent mode between the clients and servers.
B. Change the IP addresses of the clients, while remaining on the same subnet.
C. Deploy a firewall in routed mode between the clients and servers.
D. Change the IP addresses of the servers, while remaining on the same subnet.
Answer: A. Deploy a firewall in transparent mode between the clients and servers.
Which object type supports object overrides?
A. time range
B. security group tag
C. network object
D. DNS server group
Answer: C. network object
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guidev60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053
An organization has seen a lot of traffic congestion on their links going out to the internet. There is a Cisco Firepower device that processes all of the traffic going to the internet prior to leaving the enterprise. How is the congestion alleviated so that legitimate business traffic reaches the destination?
A. Create a flexconfig policy to use WCCP for application aware bandwidth limiting.
B. Create a VPN policy so that direct tunnels are established to the business applications.
C. Create a NAT policy so that the Cisco Firepower device does not have to translate as many addresses.
D. Create a QoS policy rate-limiting high bandwidth applications.
Answer: D. Create a QoS policy rate-limiting high bandwidth applications.
Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?
A. configure manager local 10.0.0.10 Cisco123
B. configure manager add Cisco123 10.0.0.10
C. configure manager local Cisco123 10.0.0.10
D. configure manager add 10.0.0.10 Cisco123
Answer: D. configure manager add 10.0.0.10 Cisco123
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/misc/fmc-ftd-mgmtnw/fmc-ftd-mgmt-nw.html#id_106101
With Cisco FTD integrated routing and bridging, which interface does the bridge group use to communicate with a routed interface?
A. switch virtual
B. bridge group member
C. bridge virtual
D. subinterface
Answer: C. bridge virtual