Topic 1: Deployment
Which protocol establishes network redundancy in a switched Firepower device
deployment?
A.
STP
B.
HSRP
C.
GLBP
D.
VRRP
STP
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmcconfig-guide-v62/firepower_threat_defense_high_availability.html
Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?
A.
span EtherChannel clustering
B.
redundant interfaces
C.
high availability active/standby firewalls
D.
multi-instance firewalls
multi-instance firewalls
Which policy rule is included in the deployment of a local DMZ during the initial deployment
of a Cisco NGFW through the Cisco FMC GUI?
A.
a default DMZ policy for which only a user can change the IP addresses.
B.
deny ip any
C.
no policy rule is included
D.
permit ip any
no policy rule is included
With Cisco Firepower Threat Defense software, which interface mode must be configured
to passively receive traffic that passes through the appliance?
A.
inline set
B.
passive
C.
routed
D.
inline tap
passive
An administrator is optimizing the Cisco FTD rules to improve network performance, and
wants to bypass inspection for certain traffic types to reduce the load on the Cisco FTD.
Which policy must be configured to accomplish this goal?
A.
prefilter
B.
intrusion
C.
identity
D.
URL filtering
prefilter
On the advanced tab under inline set properties, which allows interfaces to emulate a
passive interface?
A.
transparent inline mode
B.
TAP mode
C.
strict TCP enforcement
D.
propagate link state
propagate link state
A Cisco FTD has two physical interfaces assigned to a BVI. Each interface is connected to
a different VLAN on the same switch. Which firewall mode is the Cisco FTD set up to
support?
A.
active/active failover
B.
transparent
C.
routed
D.
high availability clustering
transparent
Which Firepower feature allows users to configure bridges in routed mode and enables
devices to perform Layer 2 switching between interfaces?
A.
FlexConfig
B.
BDI
C.
SGT
D.
IRB
IRB
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/
Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html
Which action should be taken after editing an object that is used inside an access control
policy?
A.
Delete the existing object in use
B.
Refresh the Cisco FMC GUI for the access control policy.
C.
Redeploy the updated configuration
D.
Create another rule using a different object name.
Redeploy the updated configuration
https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmcconfig-
guide-v63/reusable_objects.html
Which command is entered in the Cisco FMC CLI to generate a troubleshooting file?
A.
show running-config
B.
show tech-support chassis
C.
system support diagnostic-cli
D.
sudo sf_troubleshoot.pl
sudo sf_troubleshoot.pl
Page 3 out of 26 Pages |
Previous |