An engineer is using the configure manager add
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?
Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)
Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)
Which two actions can be used in an access control policy rule? (Choose two.)
An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?
A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?
Which Firepower feature allows users to configure bridges in routed mode and enables devices to perform Layer 2 switching between interfaces?
What is the result of specifying of QoS rule that has a rate limit that is greater than the maximum throughput of an interface?
When creating a report template, how can the results be limited to show only the activity of a specific subnet?
Which Cisco Firepower rule action displays an HTTP warning page?
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?
An organization does not want to use the default Cisco Firepower block page when blocking HTTP traffic. The organization wants to include information about its policies and procedures to help educate the users whenever a block occurs. Which two steps must be taken to meet these requirements? (Choose two.)
An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces. What must be configured to meet these requirements?
Which object type supports object overrides?
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?
What is a valid Cisco AMP file disposition?
In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)
What is the maximum SHA level of filtering that Threat Intelligence Director supports?
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?
Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?
Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint actively?
Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?
Which action should be taken after editing an object that is used inside an access control policy?
How many report templates does the Cisco Firepower Management Center support?
Which group within Cisco does the Threat Response team use for threat analysis and research?
Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high- availability?
Drag and drop the steps to restore an automatic device registration failure on the standby Cisco FMC from the left into the correct order on the right. Not all options are used.
What is the benefit of selecting the trace option for packet capture?
Which CLI command is used to control special handling of ClientHello messages?
Which two statements about deleting and re-adding a device to Cisco FMC are true? (Choose two.)
A network administrator configured a NAT policy that translates a public IP address to an internal web server IP address. An access policy has also been created that allows any source to reach the public IP address on port 80. The web server is still not reachable from the Internet on port 80. Which configuration change is needed?
A connectivity issue is occurring between a client and a server which are communicating through a Cisco Firepower device While troubleshooting, a network administrator sees that traffic is reaching the server, but the client is not getting a response Which step must be taken to resolve this issue without initiating traffic from the client?
What is an advantage of adding multiple inline interface pairs to the same inline interface set when deploying an asynchronous routing configuration?
A security engineer is configuring an Access Control Policy for multiple branch locations These locations share a common rule set and utilize a network object called INSIDE_NET which contains the locally significant internal network subnets at each location What technique will retain the policy consistency at each location but allow only the locally significant network subnet within the applicable rules?
Which two routing options are valid with Cisco FTD? (Choose Two)
A network administrator is configuring Snort inspection policies and is seeing failed deployment messages in Cisco FMC. What information should the administrator generate for Cisco TAC to help troubleshoot?
Refer to the exhibit.
What must be done to fix access to this website while preventing the same communication to all other websites?
A network administrator registered a new FTD to an existing FMC. The administrator cannot place the FTD in transparent mode. Which action enables transparent mode?
Which feature is supported by IRB on Cisco FTD devices?
An engineer must configure a Cisco FMC dashboard in a multidomain deployment Which action must the engineer take to edit a report template from an ancestor domain?
While integrating Cisco Umbrella with Cisco Threat Response, a network security engineer wants to automatically push blocking of domains from the Cisco Threat Response interface to Cisco Umbrella. Which API meets this requirement?
An engineer is restoring a Cisco FTD configuration from a remote backup using the command restore remote-manager-backup location 1.1.1.1 admin /volume/home/admin BACKUP_Cisc394602314.zip on a Cisco FMG. After connecting to the repository, an error occurred that prevents the FTD device from accepting the backup file. What is the problem?
A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisc FMC generated an alert for the malware event, however the user still remained connected. Which Cisco APM file rule action within the Cisco FMC must be set to resolve this issue?
An engineer wants to perform a packet capture on the Cisco FTD to confirm that the host using IP address 192 168.100.100 has the MAC address of 0042 7734.103 to help troubleshoot a connectivity issue What is the correct tcpdump command syntax to ensure that the MAC address appears in the packet capture output?
Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
Which firewall design allows a firewall to forward traffic at layer 2 and layer 3 for the same subnet?
Which policy rule is included in the deployment of a local DMZ during the initial deployment of a Cisco NGFW through the Cisco FMC GUI?
An organization has a Cisco FTD that uses bridge groups to pass traffic from the inside interfaces to the outside interfaces. They are unable to gather information about neighbouring Cisco devices or use multicast in their environment. What must be done to resolve this issue?
Which two conditions must be met to enable high availability between two Cisco FTD devices? (Choose two.)
Which two conditions are necessary for high availability to function between two Cisco FTD devices? (Choose two.)
Which two deployment types support high availability? (Choose two.)
What is a result of enabling Cisco FTD clustering?
An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?
What are two application layer preprocessors? (Choose two.)
Which protocol establishes network redundancy in a switched Firepower device deployment?
A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?
When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network. It is currently configured to have more than one instance of the same device on the physical appliance Which deployment mode meets the needs of the organization?
An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?
What is the difference between inline and inline tap on Cisco Firepower?
