Which two OSPF routing features are configured in Cisco FMC and propagated to Cisco FTD? (Choose two.)
A. OSPFv2 with IPv6 capabilities
B. virtual links
C. SHA authentication to OSPF packets
D. area boundary router type 1 LSA filtering
E. MD5 authentication to OSPF packets
When creating a report template, how can the results be limited to show only the activity of a specific subnet?
A. Create a custom search in Firepower Management Center and select it in each section of the report.
B. Add an Input Parameter in the Advanced Settings of the report, and set the type to Network/IP.
C. Add a Table View section to the report with the Search field defined as the network in CIDR format.
D. Select IP Address as the X-Axis in each section of the report.
How many report templates does the Cisco Firepower Management Center support?
A. 20
B. 10
C. 5
D. unlimited
What is a functionality of port objects in Cisco FMC?
A. to mix transport protocols when setting both source and destination port conditions in a rule
B. to represent protocols other than TCP, UDP, and ICMP
C. to represent all protocols in the same way
D. to add any protocol other than TCP or UDP for source port conditions in access control rules.
What Software can be installed on the Cisco 4100 series appliance? (Choose two)
A. FTD
B. ASA
C. ASAv
D. FMC
A security engineer is configuring an Access Control Policy for multiple branch locations. These locations share a common rule set and utilize a network object called INSIDE_NET which contains the locally significant internal network subnets
at each location.
What technique will retain the policy consistency at each location but allow only the locally significant network subnet within the applicable rules?
A. utilizing policy inheritance
B. utilizing a dynamic ACP that updates from Cisco Talos Eba
C. creating a unique ACP per device.
D. creating an ACP with an INSIDE_NET network object and object overrides.
What is the advantage of having Cisco Firepower devices send events to Cisco Threat Response via the security services exchange portal directly as opposed to using syslog?
A. Firepower devices do not need to be connected to the Internet.
B. An on-premises proxy server does not need to set up and maintained.
C. All types of Firepower devices are supported.
D. Supports all devices that are running supported versions of Firepower
What is an advantage of adding multiple inline interface pairs to the same inline interface set when deploying an asynchronous routing configuration?
A. Allows the IPS to identify inbound and outbound traffic as part of the same traffic flow.
B. The interfaces disable autonegotiation and interface speed is hard coded set to 1000 Mbps.
C. Allows traffic inspection to continue without interruption during the Snort process restart.
D. The interfaces are automatically configured as a media-independent interface crossover.
A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address https://
A. Disable the HTTPS server and use HTTP instead.
B. Enable the HTTPS server for the device platform policy.
C. Disable the proxy setting on the browser.
D. Use the Cisco FTD IP address as the proxy server setting on the browser.
A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device. External clients cannot access the web server via HTTPS. The IP address configured on the web server is 192.168.7.46. The administrator is running the command capture CAP interface outside match ip any 192.168.7.46 255.255.255.255 but cannot see any traffic in the capture. Why is this occurring?
A. The capture must use the public IP address of the web server.
B. The packet capture shows only blocked traffic.
C. The FTD has no route to the web server.
D. The access policy is blocking the traffic.
An engineer must add DNS-specific rules to the Cisco FTD intrusion policy. The engineer wants to use the rules currently in the Cisco FTD Snort database that are not already enabled but does not want to enable more than are needed. Which action meets these requirements?
A. Change the rules using the Generate and Use Recommendations feature.
B. Change the rule state within the policy being used.
C. Change the dynamic state of the rule within the policy.
D. Change the base policy to Security over Connectivity.
A network administrator is configuring a site-to-site IPsec VPN to a router sitting behind a Cisco FTD. The administrator has configured an access policy to allow traffic to this device on UDP 500, 4500, and ESP VPN traffic is not working. Which action resolves this issue?
A. Set the allow action in the access policy to trust.
B. Enable IPsec inspection on the access policy.
C. Modify the NAT policy to use the interface PAT.
D. Change the access policy to allow all ports.
An administrator is attempting to remotely log into a switch in the data center using SSH and is unable to connect. How does the administrator confirm that traffic is reaching the firewall?
A. by performing a packet capture on the firewall
B. by attempting to access it from a different workstation
C. by running Wireshark on the administrator's PC
D. by running a packet tracer on the firewall
A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisco FMC generated an alert for the malware event, however the user still remained connected. Which Cisco AMP file rule action within the Cisco FMC must be set to resolve this issue?
A. Malware Cloud Lookup
B. Reset Connection
C. Detect Files
D. Local Malware Analysis
A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC. An engineer must configure policies to detect potential intrusions but not block the suspicious traffic Which action accomplishes this task?
A. Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the “Drop when inline” option.
B. Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the “Drop when inline” option.
C. Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the “Drop when inline” option.
D. Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the “Drop when inline” option.