An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-topeer
applications are being used on the network and they must identify which poses the
greatest risk to the environment. Which report gives the analyst this information?

A.

Attacks Risk Report

B.

User Risk Report

C.

Network Risk Report

D.

Advanced Malware Risk Report

With a recent summer time change, system logs are showing activity that occurred to be an
hour behind real time Which action should be taken to resolve this issue?

A.

Manually adjust the time to the correct hour on all managed devices

B.

Configure the system clock settings to use NTP with Daylight Savings checked

C.

Manually adjust the time to the correct hour on the Cisco FMC.

D.

Configure the system clock settings to use NTP

An organization recently implemented a transparent Cisco FTD in their network.
They must ensure that the device does not respond to insecure SSL/TLS protocols.
Which action accomplishes the task?

A.

Modify the device's settings using the device management feature within Cisco FMC to
force only
secure protocols

B.

Use the Cisco FTD platform policy to change the minimum SSL version on the device to TLS 1.2.

C.

Enable the UCAPL/CC compliance on the device to support only the most secure
protocols available.

D.

Configure a FlexConfig object to disable any insecure TLS protocols on the Cisco FTD
device.

In a multi-tennent deployment where multiple domains are in use. which update should be
applied outside of the Global Domain?

A.

minor upgrade

B.

local import of intrusion rules

C.

Cisco Geolocation Database

D.

local import of major upgrade

A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating
the connection. While troubleshooting, the network administrator determines that the DNS
responses are not getting through the Cisco FTD What must be done to address this issue
while still utilizing Snort IPS rules?

A.

Uncheck the "Drop when Inline" box in the intrusion policy to allow the traffic

B.

Modify the Snort rules to allow legitimate DNS traffic to the VPN users

C.

Disable the intrusion rule threshes to optimize the Snort processing.

D.

Decrypt the packet after the VPN flow so the DNS queries are not inspected

A network engineer sets up a secondary Cisco FMC that is integrated with Cisco
Security Packet Analyzer What occurs when the secondary Cisco FMC synchronizes
with the primary Cisco FMC?

A.

The existing integration configuration is replicated to the primary Cisco FMC

B.

The existing configuration for integration of the secondary Cisco FMC the Cisco Security
Packet Analyzer is overwritten.

C.

The synchronization between the primary and secondary Cisco FMC fails

D.

The secondary Cisco FMC must be reintegrated with the Cisco Security Packet
Analyzer after the synchronization

A network engineer is receiving reports of users randomly getting disconnected from their
corporate applications which traverses the data center FTD appliance Network monitoring
tools show that the FTD appliance utilization is peaking above 90% of total capacity. What
must be done in order to further analyze this issue?

A.

Use the Packet Export feature to save data onto external drives

B.

Use the Packet Capture feature to collect real-time network traffic

C.

Use the Packet Tracer feature for traffic policy analysis

D.

Use the Packet Analysis feature for capturing network data

An engineer is restoring a Cisco FTD configuration from a remote backup using the
command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin
BACKUP_Cisc394602314.zip on a Cisco FMG. After connecting to the repository, an error
occurred that prevents the FTD device from accepting the backup file. What is the
problem?

A.

The backup file is not in .cfg format.

B.

The backup file is too large for the Cisco FTD device

C.

The backup file extension was changed from tar to zip

D.

The backup file was not enabled prior to being applied

An engainer must add DNS-specific rules to me Cisco FTD intrusion policy. The engineer
wants to use the rules currently in the Cisco FTD Snort database that are not already
enabled but does not want to enable more than are needed. Which action meets these
requirements?

A.

Change the dynamic state of the rule within the policy.

B.

Change the base policy to Security over Connectivity.

C.

Change the rule state within the policy being used

D.

Change the rules using the Generate and Use Recommendations feature.

A network engineer is logged into the Cisco AMP for Endpoints console and sees a
malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate
this threat?

A.

Add the hash to the simple custom deletion list.

B.

Use regular expressions to block the malicious file.

C.

Enable a personal firewall in the infected endpoint.

D.

Add the hash from the infected endpoint to the network block list.

A security engineer is configuring a remote Cisco FTD that has limited resources and
internet bandwidth. Which malware action and protection option should be configured to
reduce the requirement for cloud lookups?

A.

Malware Cloud Lookup and dynamic analysis

B.

Block Malware action and dynamic analysis

C.

Block Malware action and local malware analysis

D.

Block File action and local malware analysis

An engineer must configure a Cisco FMC dashboard in a child domain. Which action must
be taken so that the dashboard is visible to the parent domain?

A.

Add a separate tab

B.

Adjust policy inheritance settings

C.

Add a separate widget

D.

Create a copy of the dashboard