Spring Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

An engineer is deploying Cisco Secure Endpoint for the first time and on endpoint with MAC address 50:54:15:04:0:AB. The engineer must make sure that during the testing phase no files are isolated and network connections must not be blocked. Which policy type must be configured to accomplish the task?

A.

Triage

B.

Quarantine

C.

Protect

D.

Audit

An administrator must use Cisco FMC to install a backup route within the Cisco FTD to route traffic in case of a routing failure with the primary route. Which action accomplishes this task?

A.

Install the static backup route and modify the metric to be less than the primary route.

B.

Configure EIGRP routing on the FMC to ensure that dynamic routes are always updated.

C.

Use a default route on the FMC instead of having multiple routes contending for priority.

D.

Create the backup route and use route tracking on both routes to a destination IP address in the network.

An engineer is troubleshooting a device that cannot connect to a web server. The connection is initiated from the Cisco FTD inside interface and attempting to reach 10.0.1.100 over the non-standard port of 9443 The host the engineer is attempting the connection from is at the IP address of 10.20.10.20. In order to determine what is happening to the packets on the network, the engineer decides to use the FTD packet capture tool Which capture configuration should be used to gather the information needed to troubleshoot this issue?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Network users experience issues when accessing a server on a different network segment. An engineer investigates the issue by performing packet capture on Cisco Secure Firewall Threat Defense. The engineer expects more data and suspects that not all the traffic was collected during a 15-minute can’t captured session. Which action must the engineer take to resolve the issue?

A.

Forward the captured data lo an FTP server

B.

Increase the amount of RAM allocated for the capture.

C.

Provide a file name to save the data.

D.

Ensure that the allocated memory is sufficient.

A security engineer is configuring a remote Cisco FTD that has limited resources and internet bandwidth. Which malware action and protection option should be configured to reduce the requirement for cloud lookups?

A.

Malware Cloud Lookup and dynamic analysis

B.

Block Malware action and dynamic analysis

C.

Block Malware action and local malware analysis

D.

Block File action and local malware analysis

Refer to the exhibit. An engineer must import three network objects into the Cisco Secure Firewall Management Center by using a CSV file. Which header must be configured in the CSV file to accomplish the task?

A.

NAME;DESCRIPTION;TYPE;VALUE;LOOKUP;

B.

Name; Description; Type;Value;Lookup;

C.

Name; Description; Type;Value;DN;

D.

NAME;DESCRIPTION; TYPE;VALUE;DN;

An administrator configures a Cisco Secure Firewall Threat Defense device in transparent mode. To configure the BVI (Bridge Virtual Interface), the administrator must:

Add a bridge-group interface

Configure a bridge-group ID

Configure the bridge-group interface description

Add bridge-group member interfaces

How must the engineer perform these actions?

A.

Configure a name for the bridge-group interface

B.

Set a security zone for the bridge-group interface

C.

Set the bridge-group interface mode to transparent

D.

Configure an IP address for the bridge-group interface

A security engineer is adding three Cisco FTD devices to a Cisco FMC. Two of the devices have successfully registered to the Cisco FMC. The device that is unable to register is located behind a router that translates all outbound traffic to the router's WAN IP address. Which two steps are required for this device to register to the Cisco FMC? (Choose two.)

A.

Reconfigure the Cisco FMC lo use the device's private IP address instead of the WAN address.

B.

Configure a NAT ID on both the Cisco FMC and the device.

C.

Add the port number being used for PAT on the router to the device's IP address in the Cisco FMC.

D.

Reconfigure the Cisco FMC to use the device's hostname instead of IP address.

E.

Remove the IP address defined for the device in the Cisco FMC.

An engineer must integrate a thud-party security Intelligence teed with Cisco Secure Firewall Management Center. Secure Firewall Management Center is running Version 6.2 3 and has 8 GB of memory. Which two actions must be taken to implement Throat Intelligence Director? (Choose two.)

A.

Upgrade to version 6.6.

B.

Enable REST API access.

C.

Add the URL of the TAXII server.

D.

Add 7 GB of memory.

E.

Add a TAXII server

An engineer is deploying a Cisco ASA Secure Firewall module. The engineer must be able to examine traffic without impacting the network, and the ASA has been deployed with a single context. Which ASA Secure Firewall module deployment mode must be implemented to meet the requirements?

A.

Transparent mode with inline tap monitor-only mode

B.

Routed mode with passive monitor-only mode

C.

Transparent mode with passive monitor-only mode

D.

Routed mode with inline tap monitor-only mode