- All Exams Instant Download
How is this accomplished on an FTD device in routed mode?
A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet. How is this accomplished on an FTD device in routed mode?A . by assigning an inline set interfaceB . by leveraging the ARP to direct traffic through the firewallC ....
Which capture configuration should be used to gather the information needed to troubleshoot this issue?
An engineer is troubleshooting a device that cannot connect to a web server. The connection is initiated from the Cisco FTD inside interface and attempting to reach 10.0. 1.100 over the non-standard port of 9443. The host the engineer is attempting the connection from is at the IP address of...
Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)
Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)A . virtual linkB . area boundary router type1 LSA filteringC . MD5 authentication to OSPF packetsD . SHA authentication to OSPF packetsE . OSPFV2 with IPv6 capabilitiesView AnswerAnswer: AC
What should be done to correct this?
An engineer is troubleshooting application failures through a FTD deployment While using the FMC CLI, it has been determined that the traffic in question is not matching the desired policy. What should be done to correct this?A . Use the system support firewall-engine-dump-user-identity-data command to change the policy and allow...
Which action will mitigate this risk?
Refer to the exhibit. An administrator is looking at some of the reporting capabilities for Cisco Firepower and noticed this section of the Network Risk Report showing a lot of SSL activity that could be used for evasion. Which action will mitigate this risk?A . Use Cisco AMP for Endpoints...
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?
With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?A . firewallB . ERSPANC . IPS-onlyD . tapView AnswerAnswer: C
Which two types of objects are reusable and supported by Cisco FMC? (Choose two)
Which two types of objects are reusable and supported by Cisco FMC? (Choose two)A . reputation-based objects, such as URL categoriesB . dynamic key mapping objects that help ink HTTP and HTTPS GET requests to Layer 7 application protocolsC . reputation-based objects that represent Security Intelligence feeds and lists, application...
What should the engineer do to ensure that the new addressing takes effect and can be used for the Cisco FTD to Cisco FMC connection?
An engineer currently has a Cisco FTD device registered to the Cisco FMC and is assigned the address of 10.10.50.12. The organization is upgrading the addressing schemes and there is a requirement to convert the addresses to a format that provides an adequate amount of addresses on the network. What...
Which CLI command is used to control special handling of Client Hello messages?
Which CLI command is used to control special handling of Client Hello messages?A . system support ssl-client-hello-tuningB . system support ssl-client-hello-force-resetC . system support ssl-client-hello-displayD . system support ssl-client-hello-resetView AnswerAnswer: A
Which two actions can be used in an access control policy rule? (Choose two.)
Which two actions can be used in an access control policy rule? (Choose two.)A . Block with ResetB . MonitorC . AnalyzeD . DiscoverE . Block ALLView AnswerAnswer: A,B Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepower-module-user-guide-v541/AC-Rules-Tuning-Overview.html#71854
