QUESTION 41
The network administrator must send a daily email report to management about changes made during the last 24 hours in Cisco Secure Firewall Management Center. Which system setting must be enabled to meet the requirement?
A. Change Reconciliation
B. Send Audit Log to HTTP Server
C. Send Audit Log to Syslog
D. STIG Compliance
Correct Answer: A
QUESTION 42
How must a new Cisco Secure Firewall Threat Defense device be deployed to act as a Layer 2 device that uses a bridge group for connectivity?
A. access
B. transparent mode
C. routed mode
D. virtual
Correct Answer: B
QUESTION 43
A security administrator must configure Cisco Secure Firewall Management Center to ensure that certain intrusion rules are only active during specific times. Which action must the engineer take to meet the requirement?
A. Assign a time range to each intrusion rule that is contained in the policy to specify when the rules are enforced.
B. Create a time-based access control policy that activates the intrusion rules at scheduled intervals.
C. Create a scheduled task to activate and deactivate the intrusion rules at the desired times.
D. Configure a time-based trigger in the intrusion policy to enable the rules at defined times.
Correct Answer: A
QUESTION 44
An engineer must configure the encrypted visibility engine in Cisco Secure Firewall Management Center. The engineer already created an access control policy. Which two actions must be taken to complete the configuration? (Choose two.)
A. Enable the Cisco success Network.
B. Enable application detectors in the network discovery policy.
C. Configure an identity policy for user identification.
D. Configure automatic updates for Cisco vulnerability database.
E. Configure an SSL/TLS policy.
Correct Answer: AE
QUESTION 45
Which action must be taken to configure an isolated bridge group for IRB mode on a Cisco Secure Firewall device?
A. Leave BVI interface name empty.
B. Add the restricted segment to the ACL.
C. Remove the route from the routing table.
D. Define the NAT pool for the blocked traffic.
Correct Answer: A
QUESTION 46
Network users experience issues when accessing a server on a different network segment. An engineer investigates the issue by performing packet capture on Cisco Secure Firewall Threat Defense. The engineer expects more data and suspects that not all the traffic was collected during a 15-minute capture session. Which action must the engineer take to resolve the issue?
A. Provide a file name to save the data.
B. Forward the captured data to an FTP server.
C. Increase the amount of RAM allocated for the capture.
D. Ensure that the allocated memory is sufficient.
Correct Answer: D
QUESTION 47
An engineer must replace a Cisco Secure Firewall high-availability device due to a failure. When the replacement device arrives, the engineer must separate the high-availability pair from Cisco Secure Firewall Management Center. Which action must the engineer take first to restore high availability?
A. Register the secondary device.
B. Force a break between the devices.
C. Unregister the secondary device.
D. Configure NTP time synchronization.
Correct Answer: C
QUESTION 48
An administrator is attempting to add a new Cisco Secure Firewall Threat Defense device to Cisco Secure Firewall Management Center. The private IP address of the FMC server is 192.168.75.201. Which command must be used in order to accomplish this task?
A. configure manager add 192.168.75.201 <reg_key>
B. configure manager add 192.168.75.201/24 <reg_key>
C. configure manager add 192.168.75.201255.255.255.0 <reg_key>
D. configure manager add 192.168.45.45 <reg_key> <nat-id>
Correct Answer: A
QUESTION 49
Which component simplifies incident investigation with Cisco Threat Response?
A. browser plug-in
B. Cisco AMP client
C. local CVE database
D. Cisco Secure Firewall appliance
Correct Answer: A
QUESTION 50
A network administrator is trying to configure Active Directory authentication for VPN authentication to a Cisco Secure Firewall Threat Defense instance that is registered with Cisco Secure Firewall Management Center. Which system settings must be configured first in Secure Firewall Management Center to accomplish the goal?
A. Device, Remote Access VPN
B. Policies, Authentication
C. Authentication, Device
D. System, Realms
Correct Answer: D
QUESTION 51
A network administrator is trying to configure an access rule to allow access to a specific banking site over HTTPS but not HTTP. Which method must the administrator use to meet the requirement?
A. Define the URL to be blocked and set the application to HTTP.
B. Block the category of banking and define the application of www.
C. Enable SSL decryption and specify the URL.
D. Define the URL to be blocked and disable SSL inspection.
Correct Answer: C
QUESTION 52
An administrator must fix a network problem whereby traffic from the inside network to a webserver is not getting through an instance of Cisco Secure Firewall Threat Defense. Which command must the administrator use to capture packets to the webserver that are dropped by Secure Firewall Threat Defense and resolve the issue?
A. capture CAP type asp-drop all headers-only
B. capture CAP int OUTSIDE match ip any host WEBSERVERIP
C. capture CAP int INSIDE match tcp any 80 host WEBSERVERIP 80
D. capture CAP int INSIDE match ip any host WEBSERVERIP
Correct Answer: A
QUESTION 53
Which component is needed to perform rapid threat containment with Cisco FMC?
A. ISE
B. RESTful API
C. DDI
D. SIEM
Correct Answer: A
QUESTION 54
An administrator configures the interfaces of a Cisco Secure Firewall Threat Defense device in an inline IPS deployment. The administrator completes these actions:
1. identifies the device and the interfaces
2. sets the interface mode to inline
3. enables the interfaces
Which configuration step must the administrator take next to complete the implementation?
A. Enable spanning-tree PortFast on the interfaces.
B. Set the interface to routed mode.
C. Set the interface to transparent mode.
D. Configure an inline set.
Correct Answer: D
QUESTION 55
A network administrator manages a network with multiple firewalls in a data center. The administrator must change a next-generation firewall from routed to transparent mode. Which action must the administrator take to meet the requirement?
A. Enter the configure firewall transparent command from the CLI.
B. Manually delete the interface configuration from the CLI.
C. Create one or more bridge groups from the CLI
D. Deregister the firewall in Cisco Secure Firewall Management Center.
Correct Answer: C
QUESTION 56
An engineer is deploying a Cisco Secure Firewall Management Center appliance. The company must send data to Cisco Secure Network Analytics appliances. Which two actions must the engineer take? (Choose two.)
A. Add the Netflow_ Set_Parameters object to the configuration.
B. Add the Netflow_Add_Destination object to the configuration.
C. Create a service identifier to enable the NetFlow service.
D. Add the Netflow_Send_Destination object to the configuration
E. Security Intelligence object to send data to Cisco Secure Network Analytics.
Correct Answer: AB
QUESTION 57
An engineer must configure and generate a report in Cisco Secure Firewall Management Center. The report must allow for the addition of headers and footers, and it will contain many pages. Which format must the engineer configure the report to use?
A. doc
B. xls
C. xml
D. pdf
Correct Answer: D
QUESTION 58
A network administrator is trying to configure a previously created file policy on a new access policy. Which action must the administrator take before applying the file policy?
A. Assign the file policy to the default action.
B. Set up an inspection policy.
C. Apply an application to an access control rule
D. Create a new access control rule
Correct Answer: D
QUESTION 59
An engineer must deny ICMP traffic to the networks of separate departments that use Cisco Secure Firewall Management Center. The engineer must use the same object on the relevant device for each network. What must be configured in Secure Firewall Management Center?
A. Allow Overrides check box
B. IP address
C. IP range
D. Deny ICMP check box
Correct Answer: A
QUESTION 60
An engineer must implement Cisco Secure Firewall transparent mode due to a new server recently being added that must communicate with an existing server that is currently separated by the firewall. Which implementation action must be taken next by the engineer to accomplish the goal?
A. Configure the same default gateway for both servers.
B. Ensure that both servers are in the same bridge domain.
C. Assign the same subnet to both servers
D. Enable both servers to share the same VXLAN segment.
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.