Spring Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

An organization has implemented Cisco Firepower without IPS capabilities and now wants to enable inspection for their traffic. They need to be able to detect protocol anomalies and utilize the Snort rule sets to detect malicious behaviour. How is this accomplished?

A.

Modify the access control policy to redirect interesting traffic to the engine

B.

Modify the network discovery policy to detect new hosts to inspect

C.

Modify the network analysis policy to process the packets for inspection

D.

Modify the intrusion policy to determine the minimum severity of an event to inspect.

An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs Each DMZ has a unique private IP subnet range. How is this requirement satisfied?

A.

Deploy the firewall in transparent mode with access control policies.

B.

Deploy the firewall in routed mode with access control policies.

C.

Deploy the firewall in routed mode with NAT configured.

D.

Deploy the firewall in transparent mode with NAT configured.

Which license type is required on Cisco ISE to integrate with Cisco FMC pxGrid?

A.

mobility

B.

plus

C.

base

D.

apex

A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisc FMC generated an alert for the malware event, however the user still remained connected. Which Cisco APM file rule action within the Cisco FMC must be set to resolve this issue?

A.

Detect Files

B.

Malware Cloud Lookup

C.

Local Malware Analysis

D.

Reset Connection

An engineer is configuring URL filtering for a Cisco FTD device in Cisco FMC. Users must receive a warning when they access http:/'www.Dac 'additstte.corn with the option of continuing to the website if they choose to. No other websites should be blacked. Which two actions must the engineer lake to meet these requirements? (Choose two.)

A.

On the HTTP Responses tab of the access control policy editor, set the Block Response Page to Custom.

B.

On the HTTP Responses tab of the access control policy editor, sot the Interactive Block Response Page to system-provided.

C.

Configure the default action for the access control policy to Interactive Block.

D.

Configure an access control rule that matches the Adult URL category and se: the action to interactive Block.

E.

Configure an access control rule that matches an URL object for http://www.badaduitslte.com; and set the action to interactive Block.

A network engineer detects a connectivity issue between Cisco Secure Firewall Management Center and Cisco Secure Firewall Threat Defense. Initial troubleshooting indicates that heartbeats and events are not being received. The engineer re-establishes the secure channels between both peers. Which two commands must the engineer run to resolve the issue? (Choose two.)

A.

show disk-manager

B.

show history

C.

sudo stats_unified.pl

D.

manage_procs.pl

E.

sudo perfstats -Cq < /var/sf/rna/correlator-stats/now

A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?

A.

Shut down the Cisco FMC before powering up the replacement unit.

B.

Ensure that the faulty Cisco FTD device remains registered to the Cisco FMC.

C.

Unregister the faulty Cisco FTD device from the Cisco FMC

D.

Shut down the active Cisco FTD device before powering up the replacement unit.

A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device External clients cannot access the web server via HTTPS The IP address configured on the web server is 192 168 7.46 The administrator is running the command capture CAP interface outside match ip any 192.168.7.46 255.255.255.255 but cannot see any traffic in the capture Why is this occurring?

A.

The capture must use the public IP address of the web server.

B.

The FTD has no route to the web server.

C.

Theaccess policy is blocking the traffic.

D.

The packet capture shows only blocked traffic

An engineer has been tasked with providing disaster recovery for an organization's primary Cisco FMC. What must be done on the primary and secondary Cisco FMCs to ensure that a copy of the original corporate policy is available if the primary Cisco FMC fails?

A.

Configure high-availability in both the primary and secondary Cisco FMCs

B.

Connect the primary and secondary Cisco FMC devices with Category 6 cables of not more than 10 meters in length.

C.

Place the active Cisco FMC device on the same trusted management network as the standby device

D.

Restore the primary Cisco FMC backup configuration to the secondary Cisco FMC device when the primary device fails

With a recent summer time change, system logs are showing activity that occurred to be an hour behind real time Which action should be taken to resolve this issue?

A.

Manually adjust the time to the correct hour on all managed devices

B.

Configure the system clock settings to use NTP with Daylight Savings checked

C.

Manually adjust the time to the correct hour on the Cisco FMC.

D.

Configure the system clock settings to use NTP