- All Exams Instant Download
Which configuration addresses this concern?
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated . Which...
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?A . The rate-limiting rule is disabled.B . Matching traffic is not rate limited.C . The system rate-limits all traffic.D . The system repeatedly generates warnings.View AnswerAnswer:...
How should this be implemented?
A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality. There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire. How should this be implemented?A...
What is the cause of this issue?
A network administrator reviews the file report for the last month and notices that all file types, except exe. show a disposition of unknown . What is the cause of this issue?A . The malware license has not been applied to the Cisco FTC . The Cisco FMC cannot reach...
Which action accomplishes this task?
A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic . Which action accomplishes this task?A . Configure IDS mode when creating or editing a policy rule...
Which action should be taken after editing an object that is used inside an access control policy?
Which action should be taken after editing an object that is used inside an access control policy?A . Delete the existing object in use.B . Refresh the Cisco FMC GUI for the access control policy.C . Redeploy the updated configuration.D . Create another rule using a different object name.View AnswerAnswer:...
Which object type supports object overrides?
Which object type supports object overrides?A . time rangeB . security group tagC . network objectD . DNS server groupView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reusable_Objects.html#concept_8BFE8B9A83D742D9B647A74F7AD50053
Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?
Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?A . system generate-troubleshootB . show configuration sessionC . show managersD . show running-config | include managerView AnswerAnswer: C Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/command_ref/b_Command_Reference_for_Firepower_Threat_Defense/c_3.html
Which CLI command is used to control special handling of ClientHello messages?
Which CLI command is used to control special handling of ClientHello messages?A . system support ssl-client-hello-tuningB . system support ssl-client-hello-displayC . system support ssl-client-hello-force-resetD . system support ssl-client-hello-enabledView AnswerAnswer: A
What is the benefit of selecting the trace option for packet capture?
What is the benefit of selecting the trace option for packet capture?A . The option indicates whether the packet was dropped or successful.B . The option indicated whether the destination host responds through a different path.C . The option limits the number of packets that are captured.D . The option...
