QUESTION 101
An engineer is configuring a Cisco Secure Firewall Threat Defense device and wants to create a new intrusion rule based on the detection of a specific pattern in the data payload for a new zero-day exploit. Which keyword type must be used to add a line that identifies the author of the rule and the date it was created?
A. gtp_info
B. content
C. reference
D. metadata
Correct Answer: D
QUESTION 102
Encrypted Visibility Engine (EVE) is enabled under which tab on an access control policy in Cisco Secure Firewall Management Center?
A. SSL
B. Network Analysis Policy
C. Security Intelligence
D. Advanced
Correct Answer: D
QUESTION 103
A network engineer is planning on deploying a Cisco Secure Firewall Threat Defense Virtual appliance in transparent mode. Which two virtual environments support this configuration? (Choose two.)
A. GCP
B. OSI
C. AWS
D. KVM
E. ESXi
Correct Answer: DE
QUESTION 104
What is a valid method of establishing trust between Cisco ISE and Cisco Secure Firewall Management Center during pxGrid integration?
A. API key
B. mirrored passwords
C. preshared key
D. certificates
Correct Answer: D
QUESTION 105
Which two statements are valid regarding the licensing model used on Cisco Secure Firewall Threat Defense Virtual appliances? (Choose two.)
A. All licenses support a maximum of 250 VPN peers.
B. Licenses can be used on any supported cloud platform.
C. All licenses require 500G of available storage for the VM.
D. All licenses support up to 16 vCPUs.
E. Licenses can be used on both physical and virtual appliances.
Correct Answer: BE
QUESTION 106
An engineer has been tasked with performing an audit of network objects to determine which objects are duplicated across the various firewall models (Cisco Secure Firewall Threat Defense, Cisco Secure Firewall ASA, and Meraki MX Series) deployed throughout the company. Which tool will assist the engineer in performing that audit?
A. Cisco Secure Firewall Management Center
B. Cisco SecureX
C. Cisco Defense Orchestrator
D. Cisco Firepower Device Manager
Correct Answer: C
QUESTION 107
A network engineer is deploying a pair of Cisco Secure Firewall Threat Defense devices managed by Cisco Secure Firewall Management Center for High Availability. Internet access is a high priority for the business and therefore they have invested in internet circuits from two different ISPs. The requirement from the customer is that internet access must be available to their users even if one of the ISPs is down. Which two features must be deployed to achieve this requirement? (Choose two.)
A. BGP
B. Route Tracking
C. SLA Monitor
D. Redundant interfaces
E. EtherChannel interfaces
Correct Answer: BC
QUESTION 108
What is the result when two users modify a VPN policy at the same time on a Cisco Secure Firewall Management Center managed device?
A. The first user locks the configuration when selecting edit on the policy.
B. The changes from both users will be merged together into the policy.
C. The system prevents modifications to the policy by multiple users.
D. Both users can edit the policy and the last saved configuration persists.
Correct Answer: D
QUESTION 109
Which file format can standard reports from Cisco Secure Firewall Management Center be downloaded in?
A. doc
B. csv
C. ppt
D. xls
Correct Answer: B
QUESTION 110
Cisco SecureX is classified as which type of threat detection and response solution?
A. MDR
B. XDR
C. NDR
D. EDR
Correct Answer: B
QUESTION 111
An external vendor is reporting that they are unable to access an ordering website hosted behind a Cisco Secure Firewall Threat Defense device. The administrator of the device wants to verify that the access policy and NAT policy are configured correctly to allow traffic from the public IP of the external vendor to TCP port 443 on the web server. Which two Cisco Secure Firewall Management Center tools must the administrator use to verify which rules the traffic from the external vendor is matching? (Choose two.)
A. File Download
B. Threat Defense CLI
C. Generate Troubleshooting File
D. Packet Capture
E. Packet Tracer
Correct Answer: DE
QUESTION 112
A network engineer is planning on replacing an Active/Standby pair of physical Cisco Secure Firewall ASAs with a pair of Cisco Secure Firewall Threat Defense Virtual appliances. Which two virtual environments support the current High Availability configuration? (Choose two.)
A. KVM
B. AWS
C. Openstack
D. ESXi
E. Azure
Correct Answer: AD
QUESTION 113
An engineer is configuring a Cisco Secure Firewall Threat Defense device managed by Cisco Secure Firewall Management Center. The device must have SSH enabled and be accessible from the inside interface for remote administration. Which type of policy must the engineer configure to accomplish this?
A. identity
B. platform settings
C. prefilter
D. access control
Correct Answer: B
QUESTION 114
A security engineer is deploying Cisco Secure Endpoint to detect a zero day malware attack with an SHA-256 hash of XXXXX. What must be configured in Cisco Secure Endpoint to enable the application to take action based on this hash?
A. transform set
B. custom detection list
C. correlation policy
D. access control rule
Correct Answer: B
QUESTION 115
Which two features can be used with Cisco Secure Firewall Threat Defense remote access VPN? (Choose two.)
A. enable Duo two-factor authentication using LDAPS
B. support for Rapid Threat Containment using RADIUS dynamic authorization
C. SSL remote access VPN supports port sharing with other Cisco FTD features using SSL port 443
D. support for Cisco Secure Firewall 4100 Series in cluster mode
E. use of license utilization for zero-touch network deployment
Correct Answer: BE
QUESTION 116
An engineer is setting up a new Cisco Secure Firewall Threat Defense appliance to replace the current firewall. The company requests that inline sets be used and that when one interface in an inline set goes down, the second interface in the inline set goes down. What must the engineer configure to meet the deployment requirements?
A. Strict TCP Enforcement
B. Snort Fail Open
C. Propagate Link State
D. inline tap mode
Correct Answer: C
QUESTION 117
A network engineer must configure IPS mode on a Secure Firewall Threat Defense device to inspect traffic and act as an IDS. The engineer already configured the passive-interface on the Secure Firewall Threat Defense device and SPAN on the switch. What must be configured next by the engineer?
A. DHCP on the switch
B. active interface on the Secure Firewall Threat Defense device
C. active SPAN port on the switch
D. intrusion policy on the Secure Firewall Threat Defense device
Correct Answer: D
QUESTION 118
A network administrator is configuring a BVI interface on a routed FTD. The administrator wants to isolate traffic on the interfaces connected to the bridge group and not have the FTD route this traffic using the routing table. What must be configured?
A. A new VRF must be created for the BVI interface.
B. The BVI interface must be configured for transparent mode.
C. An IP address must be configured on the BVI.
D. IP routing must be removed from the physical interfaces connected to the BVI.
Correct Answer: B
QUESTION 119
An organization created a custom application that is being flagged by Cisco Secure Endpoint. The application must be exempt from being flagged. What is the process to meet the requirement?
A. Configure the custom application to use the information-store paths.
B. Precalculate the hash value of the custom application and add it to the allowed applications.
C. Modify the custom detection list to exclude the custom application.
D. Add the custom application to the DFC list and update the policy.
Correct Answer: B
QUESTION 120
An engineer is configuring a new dashboard within Cisco Secure Firewall Management Center and is having trouble implementing a custom widget. When a custom analysis widget is configured, which option is mandatory for the system to display the information?
A. filter
B. table
C. title
D. results
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.