Spring Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which firewall design will allow It to forward traffic at layers 2 and 3 for the same subnet?

A.

Cisco Firepower Threat Defense mode

B.

routed mode

C.

Integrated routing and bridging

D.

transparent mode

What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?

A.

All types of Cisco Firepower devices are supported.

B.

An on-premises proxy server does not need to be set up and maintained.

C.

Cisco Firepower devices do not need to be connected to the Internet.

D.

Supports all devices that are running supported versions of Cisco Firepower.

Remote users who connect via Cisco AnyConnect to the corporate network behind a Cisco FTD device report that they get no audio when calling between remote users using their softphones. These same users can call internal users on the corporate network without any issues. What is the cause of this issue?

A.

The hairpinning feature is not available on FTD.

B.

Split tunneling is enabled for the Remote Access VPN on FTD

C.

FTDhas no NAT policy that allows outside to outside communication

D.

The Enable Spoke to Spoke Connectivity through Hub option is not selected on FTD.

A mid-sized company is experiencing higher network bandwidth utilization due to a recent acquisition The network operations team is asked to scale up their one Cisco FTD appliance deployment to higher capacities due to the increased network bandwidth. Which design option should be used to accomplish this goal?

A.

Deploy multiple Cisco FTD appliances in firewall clustering mode to increase performance.

B.

Deploy multiple Cisco FTD appliances using VPN load-balancing to scale performance.

C.

Deploy multiple Cisco FTD HA pairs to increase performance

D.

Deploy multiple Cisco FTD HA pairs in clustering mode to increase performance

A network engineer wants to disable the HTTP response page and interactive blocking of the entire access control policy in Cisco Secure Firewall Management Center. What must be

selected in Block Response Page and Interactive Block Response Page?

A.

Custom

B.

View

C.

System

D.

None

A security engineer must configure a Cisco FTD appliance to inspect traffic coming from the internet. The Internet traffic will be mirrored from the Cisco Catalyst 9300 Switch. Which configuration accomplishes the task?

A.

Set interface configuration mode to none.

B.

Set the firewall mode to transparent.

C.

Set the firewall mode to routed.

D.

Set interface configuration mode to passive.

While configuring FTD, a network engineer wants to ensure that traffic passing through the appliance does not require routing or Vlan rewriting. Which interface mode should the engineer implement to accomplish this task?

A.

passive

B.

transparent

C.

Inline tap

D.

Inline set

Which feature within the Cisco FMC web interface allows for detecting, analyzing and blocking malware in network traffic?

A.

intrusion and file events

B.

Cisco AMP for Endpoints

C.

Cisco AMP for Networks

D.

file policies

An organization has a Cisco IPS running in inline mode and is inspecting traffic for malicious activity. When traffic is received by the Cisco IRS, if it is not dropped, how does the traffic get to its destination?

A.

It is retransmitted from the Cisco IPS inline set.

B.

The packets are duplicated and a copy is sent to the destination.

C.

It is transmitted out of the Cisco IPS outside interface.

D.

It is routed back to the Cisco ASA interfaces for transmission.

A network administrator is seeing an unknown verdict for a file detected by Cisco FTD. Which malware policy configuration option must be selected in order to further analyse the file in the Talos cloud?

A.

Spero analysis

B.

Malware analysis

C.

Dynamic analysis

D.

Sandbox analysis