- All Exams Instant Download
Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service?
A network engineer is configuring URL Filtering on Firepower Threat Defense . Which two port requirements on the Firepower Management Center must be validated to allow communication with the cloud service? (Choose two.)A . outbound port TCP/443B . inbound port TCP/80C . outbound port TCP/8080D . inbound port TCP/443E ....
Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?
Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?A . Cisco Firepower Threat Defense modeB . transparent modeC . routed modeD . integrated routing and bridgingView AnswerAnswer: B
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)A . An option to re-apply NAT and VPN policies during registration is available, so users do not need to re-apply the policies after registration is completed.B . Before re-adding the device in Cisco FMC,...
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?A . show running-configB . show tech-support chassisC . system support diagnostic-cliD . sudo sf_troubleshoot.plView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/sourcefire-defense-center/117663-technote-SourceFire-00.html
How must the devices be implemented in this environment?
An engineer must configure high availability for the Cisco Firepower devices. The current network topology does not allow for two devices to pass traffic concurrently . How must the devices be implemented in this environment?A . in active/active modeB . in a cluster span EtherChannelC . in active/passive modeD ....
Which group within Cisco does the Threat Response team use for threat analysis and research?
Which group within Cisco does the Threat Response team use for threat analysis and research?A . Cisco Deep AnalyticsB . OpenDNS GroupC . Cisco Network ResponseD . Cisco TalosView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/products/security/threat-response.html#~benefits
Which two packet captures does the FTD LINA engine support? (Choose two.)
Which two packet captures does the FTD LINA engine support? (Choose two.)A . Layer 7 network IDB . source IPC . application IDD . dynamic firewall importingE . protocolView AnswerAnswer: B,E Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html
Which two actions can be used in an access control policy rule? (Choose two.)
Which two actions can be used in an access control policy rule? (Choose two.)A . Block with ResetB . MonitorC . AnalyzeD . DiscoverE . Block ALLView AnswerAnswer: A,B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854
Which IPS mode should be implemented to meet these requirements?
An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant . Which IPS mode should be implemented to meet these requirements?A . Inline tapB ....
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?
Which Cisco Firepower feature is used to reduce the number of events received in a period of time?A . rate-limitingB . suspendingC . correlationD . thresholdingView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/Intrusion-Global-Threshold.html
