Topic 3: Management and Troubleshooting
How many report templates does the Cisco Firepower Management Center support?
A. 20
B. 10
C. 5
D. unlimited
unlimited
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Working_with_Reports.html
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?
A. configure coredump packet-engine enable
B. capture-traffic
C. capture
D. capture WORD
capture
Reason: The command "capture-traffic" is used for Snort engine captures. For a LINA engine capture, you use the "capture" command. Since the LINA engine represents the actual physical interface of the device, "capture" is the only reasonable choice.
Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html#anc10
The command is:
firepower# capture DMZ interface dmz trace detail match ip host 192.168.76.14 host 192.168.76.100
firepower# capture INSIDE interface inside trace detail match ip host 192.168.76.14 host 192.168.75.14
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly; however, return traffic is entering the firewall but not leaving it. What is the reason for this issue?
A. A manual NAT exemption rule does not exist at the top of the NAT table.
B. An external NAT IP address is not configured.
C. An external NAT IP address is configured to match the wrong interface.
D. An object NAT exemption rule does not exist at the top of the NAT table.
A manual NAT exemption rule does not exist at the top of the NAT table.
Explanation: https://www.cisco.com/c/en/us/support/docs/security/firepower-managementcenter/212702-configure-and-verify-nat-on-ftd.html
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)
A. application blocking
B. simple custom detection
C. file repository
D. exclusions
E. application whitelisting
application blocking
simple custom detection
What is a valid Cisco AMP file disposition?
A. non-malicious
B. malware
C. known-good
D. pristine
malware
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmcconfig-guide-v60/Reference_a_wrapper_Chapter_topic_here.html
An engineer is configuring Cisco FMC and wants to allow multiple physical interfaces to be part of the same VLAN. The managed devices must be able to perform Layer 2 switching between interfaces, including sub-interfaces. What must be configured to meet these requirements?
A. interface-based VLAN switching
B. inter-chassis clustering VLAN
C. integrated routing and bridging
D. Cisco ISE Security Group Tag
integrated routing and bridging
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)
A. dynamic null route configured
B. DHCP pool disablement
C. quarantine
D. port shutdown
E. host shutdown
quarantine
port shutdown
Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-servicesengine/210524-configure-firepower-6-1-pxgrid-remediati.html
What is the maximum SHA level of filtering that Threat Intelligence Director supports?
A. SHA-1024
B. SHA-4096
C. SHA-512
D. SHA-256
SHA-256
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmcconfig-guide-v623/cisco_threat_intelligence_directortid_.html
Which Cisco Firepower rule action displays an HTTP warning page?
A. Monitor
B. Block
C. Interactive Block
D. Allow with Warning
Interactive Block
Reference: https://www.cisco.com/c/en/us/td/docs/security/firesight/541/userguide/FireSIGHT-System-UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698
In a Cisco AMP for Networks deployment, which disposition is returned if the cloud cannot be reached?
A. unavailable
B. unknown
C. clean
D. disconnected
unavailable