- All Exams Instant Download
Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?
An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices? A. Add a native instance to distribute traffic to each Cisco FTD...
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)A . application blocking B. simple custom detection C. file repository D. exclusions E. application whitelistingView AnswerAnswer: AB
What is the benefit of selecting the trace option for packet capture?
What is the benefit of selecting the trace option for packet capture?A . The option indicates whether the packet was dropped or successful. B. The option indicated whether the destination host responds through a different path. C. The option limits the number of packets that are captured. D. The option...
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?A . show running-config B. show tech-support chassis C. system support diagnostic-cli D. sudo sf_troubleshoot.plView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/sourcefire-defense-center/117663-technote-SourceFire-00.html
What is the reason for this issue?
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it. What is the reason for this issue?A . A manual NAT exemption rule does not...
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?A . Add the malicious file to the block list. B. Send a snapshot to Cisco for technical support. C. Forward the result of the investigation to an external threat-analysis engine. D....
Which command-line mode is supported from the Cisco Firepower Management Center CLI?
Which command-line mode is supported from the Cisco Firepower Management Center CLI?A . privileged B. user C. configuration D. adminView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/command_line_reference.pdf
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)A . An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the policies after registration is completed. B. Before re-adding the device in Cisco FMC,...
How must the devices be implemented in this environment?
An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently. How must the devices be implemented in this environment?A . in active/active mode B. in a cluster span EtherChannel C. in active/passive mode D. in...
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?A . configure coredump packet-engine enable B. capture-traffic C. capture D. capture WORDView AnswerAnswer: C Explanation: Reason: the command "capture-traffic" is used for SNORT Engine Captures. To capture a LINA Engine Capture,...
