QUESTION 61
An engineer is deploying a Cisco ASA Secure Firewall module. The engineer must be able to examine traffic without impacting the network, and the ASA has been deployed with a single context. Which ASA Secure Firewall module deployment mode must be implemented to meet the requirements?
A. routed mode with inline tap monitor-only mode
B. transparent mode with inline tap monitor-only mode
C. transparent mode with passive monitor-only mode
D. routed mode with passive monitor-only mode
Correct Answer: C
QUESTION 62
A network administrator is configuring a transparent Cisco Secure Firewall Threat Defense registered to a Cisco Secure Firewall Management Center. The administrator wants to configure the Secure Firewall Threat Defense to allow ARP traffic to pass between two interfaces of a bridge group. What must be configured?
A. ARP inspection must be disabled
B. An access policy must allow MAC address FFFF.FFFF.FFFF.
C. Use the default configuration on the devices.
D. An access policy must allow MAC address 0100.0CCC.CCCD
Correct Answer: C
QUESTION 63
An engineer must investigate a connectivity issue by using Cisco Secure Firewall Management Center to access the Packet Capture feature on a Cisco Secure Firewall Threat Defense device. The engineer must see a real packet going through the Secure Firewall Threat Defense device and the Snort detection actions. While reviewing the packet capture, the engineer discovers that the Snort detection actions are missing. Which action must the engineer take to resolve the issue?
A. Enable the Continuous Capture option.
B. Specify the packet size.
C. Enable the Trace option
D. Specify the buffer size
Correct Answer: C
QUESTION 64
A VPN administrator converted an instance of Cisco Secure Firewall Threat Defense, which is managed by Cisco Secure Firewall Management Center, from using LDAP to DAPS for remote access VPN authentication. Which certificate must be added to allow for remote users to authenticate over the VPN?
A. Secure Firewall Management Center certificate must be added to the LDAPS server.
B. LDAPS server certificate must be added to Secure Firewall Threat Defense
C. Secure Firewall Threat Defense certificate must be added to the LDAPS server
D. LDAPS server certificate must be added to Secure Firewall Management Center realms
Correct Answer: B
QUESTION 65
A security engineer must add a new policy to block UDP traffic to one server. The engineer adds a new object. Which action must the engineer take next to identify all the UDP ports?
A. Define the transport protocol and the mandatory port range.
B. Add the corresponding IP protocol number for UDP and TCP.
C. Specify the transport protocol and leave the port number empty.
D. Add the transport number and specify the type and code.
Correct Answer: C
QUESTION 66
Which Cisco Secure Firewall Management Center widget is authorized only for users with administrator access?
A. current sessions
B. system load
C. product licensing
D. appliance information
Correct Answer: D
QUESTION 67
A network administrator wants to configure a default policy to block malicious sites based on the requested URL lookup. Which feature meets the requirement?
A. DNS policies
B. malware policies
C. file policies
D. URL filtering policies
Correct Answer: D
QUESTION 68
A network engineer wants to disable the HTTP response page and interactive blocking of the entire access control policy in Cisco Secure Firewall Management Center. What must be selected in Block Response Page and Interactive Block Response Page?
A. System
B. Custom
C. None
D. View
Correct Answer: C
QUESTION 69
A Cisco Secure Firewall Threat Defense device is configured in inline IPS mode to inspect all traffic that passes through the interfaces in the inline set. Which setting in the inline set configuration must be selected to allow traffic to pass through uninterrupted when VDB updates are being applied?
A. Tap Mode
B. Strict TCP Enforcement
C. Snort Fail Open
D. Propagate Link State
Correct Answer: C
QUESTION 70
A network administrator is setting up a Cisco Secure Firewall Threat Defense to peer via BGP with two ISPs. The administrator wants traffic to certain IP ranges to prefer to come in one ISP instead of the other. What must be configured on the BGP connection to the peer to help facilitate the requirement?
A. route map
B. access list
C. address map
D. prefix list
Correct Answer: A
QUESTION 71
An engineer must implement static route tracking on Cisco Secure Firewall Threat Defense and reroute traffic by using a backup path if the primary path fails. The engineer already defined the primary static route, and the primary path is already monitored. Which action must the engineer take to meet the requirement?
A. Configure a tracking object for the static route.
B. Establish an IP SLA ICMP echo request.
C. Assign a unique tracking ID to the static route.
D. Configure a secondary static route that has higher precedence.
Correct Answer: B
QUESTION 72
A network administrator is configuring an instance of Cisco Secure Firewall Threat Defense, which is registered to Cisco Secure Firewall Management Center, to prevent internal users from downloading executable files from the internet. What must be created and configured by the administrator to meet the requirement?
A. access policy rule that allows users to reach the internet with a second rule that blocks application executables
B. file policy that blocks downloads of all executable files and applies the file policy to the default action in the access policy
C. file policy rule that allows users to reach the internet with a second rule applied that blocks application use of FTP
D. access policy rule that allows users to reach the internet and assigns a file policy that blocks executable downloads to the rule
Correct Answer: D
QUESTION 73
An engineer must reconfigure an NTP server on an IPSv device that is managed by using Cisco Secure Firewall Management Center. The engineer verified secure communications between Secure Firewall Management Center and the NTP server. How must the engineer perform the reconfiguration in Secure Firewall Management Center?
A. Devices > Device Management > Time Synchronization
B. Devices > Platform Settings > [assigned Secure Firewall Settings Policy] > Classic managed devices
C. Devices > Platform Settings > [assigned Threat Defense Settings Policy] > Time Synchronization
D. Devices > Device Management > [NGIPSv device] > Device > System
Correct Answer: C
QUESTION 74
A security engineer is reviewing a Cisco Secure Endpoint public cloud instance. The engineer discovers a malicious verdict for a SHA-256 hash. Which configuration action must be done in Secure Endpoint console to mitigate the threat?
A. Set access control policy and deny files with the hash.
B. Add the hash to the custom detection list.
C. Apply regular expression to block the malicious file.
D. Configure correlation policy to block the hash.
Correct Answer: B
QUESTION 75
An engineer must deploy a Cisco Secure Firewall Threat Defense instance. The company wants the Secure Firewall Threat Defense deployment to allow business traffic in the event of any type of failure, and there must be no connectivity issues caused by the IPS in the perimeter of its data center. Which implementation mode must the engineer use?
A. Snort fail open
B. inline set
C. hardware bypass
D. passive
Correct Answer: C
QUESTION 76
An engineer is deploying failover capabilities for a pair of Cisco Secure Firewall devices. The core switch keeps the MAC address of the previously active unit in the ARP table. Which action must the engineer take to minimize downtime and ensure that network users keep access to the internet after a Cisco Secure Firewall failover?
A. Set the same MAC address on both units.
B. Add the MAC address to the switch ARP table.
C. Run a script to send gratuitous ARP after a failover.
D. Use a virtual MAC address on both units.
Correct Answer: D
QUESTION 77
What is a method used by Cisco Rapid Threat Containment to contain the threat in the network?
A. TACACS+
B. share context data
C. change of authentication
D. trustec segmentation
Correct Answer: B
QUESTION 78
An engineer must integrate Cisco Secure Endpoint with Cisco Secure Firewall Management Center. The company deploys Secure Endpoint to the public cloud and plans to use the same public cloud provider for Cisco Secure Firewall Malware Defense. What must the engineer configure to meet these requirements?
A. file and malware policy
B. proxy for Secure Firewall connection
C. SSL encryption certificate
D. Secure Endpoint for Secure Firewall
Correct Answer: B
QUESTION 79
An engineer is integrating Cisco Secure Endpoint with Cisco Secure Firewall Management Center in high availability mode. Malware events detected by Secure Endpoint must also be received by Secure Firewall Management Center and public cloud services are used. Which two configurations must be selected on both high availability peers independently? (Choose two.)
A. Smart Software Manager Satellite
B. internet connection
C. Cisco Success Network
D. security group tag
E. Secure Endpoint Cloud Connection
Correct Answer: BE
QUESTION 80
A network engineer must configure the cabling between a Cisco Secure Firewall Threat Defense appliance and a network so the Secure Firewall Threat Defense appliance performs inline to analyze and tune generated intrusion events before going live. Which Secure Firewall Threat Defense mode must the engineer use?
A. bypass
B. link state propagation
C. strict TCP enforcement
D. tap mode
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.