Topic 5: NEW Questions
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?
A. ERSPAN
B. IPS-only
C. firewall
D. tap
Answer: ERSPAN
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)
A. BGPv6
B. ECMP with up to three equal cost paths across multiple interfaces
C. ECMP with up to three equal cost paths across a single interface
D. BGPv4 in transparent firewall mode
E. BGPv4 with nonstop forwarding
Answer: BGPv6; ECMP with up to three equal cost paths across a single interface
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmcconfig-guide-v601/fpmc-config-guide-v60_chapter_01100011.html#ID-2101-0000000e
Refer to the exhibit. An engineer is modifying an access control policy to add a rule to inspect all DNS traffic that passes through the firewall. After making the change and deploying the policy, they see that DNS traffic is not being inspected by the Snort engine. What is the problem?
A. The rule must specify the security zone that originates the traffic.
B. The rule must define the source network for inspection as well as the port.
C. The action of the rule is set to trust instead of allow.
D. The rule is configured with the wrong setting for the source port.
Answer: The action of the rule is set to trust instead of allow.
An administrator is setting up a Cisco FMC and must provide expert mode access for a security engineer. The engineer is permitted to use only a secured out-of-band network workstation with a static IP address to access the Cisco FMC. What must be configured to enable this access?
A. Enable SSH and define an access list.
B. Enable HTTP and define an access list.
C. Enable SCP under the Access List section.
D. Enable HTTPS and SNMP under the Access List section.
Answer: Enable SSH and define an access list.
An engineer must define a URL object on Cisco FMC. What is the correct method to specify the URL without performing SSL inspection?
A. Use Subject Common Name value.
B. Specify all subdomains in the object group.
C. Specify the protocol in the object.
D. Include all URLs from CRL Distribution Points.
Answer: Specify all subdomains in the object group.
A network administrator reviews the file report for the last month and notices that all file types, except exe, show a disposition of unknown. What is the cause of this issue?
A. The malware license has not been applied to the Cisco FTD.
B. The Cisco FMC cannot reach the Internet to analyze files.
C. A file policy has not been applied to the access policy.
D. Only Spero file analysis is enabled.
Answer: Only Spero file analysis is enabled.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Reference_a_wrapper_Chapter_topic_here.html
IT management is asking the network engineer to provide high-level summary statistics of the Cisco FTD appliance in the network. The business is approaching a peak season, so the need to maintain business uptime is high. Which report type should be used to gather this information?
A. Malware Report
B. Standard Report
C. SNMP Report
D. Risk Report
Answer: Standard Report
A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet. How is this accomplished on an FTD device in routed mode?
A. by leveraging the ARP to direct traffic through the firewall
B. by assigning an inline set interface
C. by using a BVI and create a BVI IP address in the same subnet as the user segment
D. by bypassing protocol inspection by leveraging pre-filter rules
Answer: by using a BVI and create a BVI IP address in the same subnet as the user segment
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmcconfig-guide-v64/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html
An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why is this occurring?
A. The NAT ID is required since the Cisco FMC is behind a NAT device.
B. The IP address used should be that of the Cisco FTD, not the Cisco FMC.
C. DONOTRESOLVE must be added to the command.
D. The registration key is missing from the command.
Answer: The NAT ID is required since the Cisco FMC is behind a NAT device.
An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)
A. Modify the system-provided block page result using Python.
B. Create HTML code with the information for the policies and procedures.
C. Edit the HTTP request handling in the access control policy to customized block.
D. Write CSS code with the information for the policies and procedures.
E. Change the HTTP response in the access control policy to custom.
Answer: Create HTML code with the information for the policies and procedures; Change the HTTP response in the access control policy to custom.
Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)
A. dynamic key mapping objects that help link HTTP and HTTPS GET requests to Layer 7 application protocols
B. reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists
C. network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country
D. network-based objects that represent FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country
E. reputation-based objects, such as URL categories
Answer: reputation-based objects that represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists; network-based objects that represent IP address and networks, port/protocols pairs, VLAN tags, security zones, and origin/destination country
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmcconfig-guide-v62/reusable_objects.html#ID-2243-00000414
An engineer is investigating connectivity problems on Cisco Firepower that is using security group tags. Specific devices are not being tagged correctly, which is preventing clients from using the proper policies when going through the firewall. How is this issue resolved?
A. Use traceroute with advanced options.
B. Use Wireshark with an IP subnet filter.
C. Use a packet capture with match criteria.
D. Use a packet sniffer with correct filtering.
Answer: Use a packet capture with match criteria.