- All Exams Instant Download
Which policy must be configured to accomplish this goal?
An administrator is optimizing the Cisco FTD rules to improve network performance, and wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD. Which policy must be configured to accomplish this goal?A . prefilter B. intrusion C. identity D. URL filteringView AnswerAnswer: A
How should this be addressed to block the traffic while allowing legitimate user traffic?
An organization is using a Cisco FTD and Cisco ISE to perform identity-based access controls. A network administrator is analyzing the Cisco FTD events and notices that unknown user traffic is being allowed through the firewall. How should this be addressed to block the traffic while allowing legitimate user traffic?A...
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)A . The BVI IP address must be in a separate subnet from the connected network. B. Bridge groups are supported in both transparent and routed firewall modes. C. Bridge groups are supported only in transparent firewall mode....
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?A . configure coredump packet-engine enable B. capture-traffic C. capture D. capture WORDView AnswerAnswer: C Explanation: Reason: the command "capture-traffic" is used for SNORT Engine Captures. To capture a LINA Engine Capture,...
What is the reason for this failure?
An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?A . The interfaces are being used for NAT for multiple networks. B. The administrator is adding interfaces of multiple types. C. The administrator...
What is the cause of this issue?
A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown. What is the cause of this issue?A . The malware license has not been applied to the Cisco FTD. B. The Cisco FMC cannot reach the...
Which two packet captures does the FTD LINA engine support? (Choose two.)
Which two packet captures does the FTD LINA engine support? (Choose two.)A . Layer 7 network ID B. source IP C. application ID D. dynamic firewall importing E. protocolView AnswerAnswer: BE Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html
Which object type supports object overrides?
Which object type supports object overrides?A . time range B. security group tag C. network object D. DNS server groupView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053
What is a behavior of a Cisco FMC database purge?
What is a behavior of a Cisco FMC database purge?A . User login and history data are removed from the database if the User Activity check box is selected. B. Data can be recovered from the device. C. The appropriate process is restarted. D. The specified data is removed from...
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)A . Traffic inspection can be interrupted temporarily when configuration changes are deployed. B. The system performs intrusion inspection followed by file inspection. C. They can block traffic based on Security Intelligence data. D. File...
