- All Exams Instant Download
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)A . The BVI IP address must be in a separate subnet from the connected network.B . Bridge groups are supported in both transparent and routed firewall modes.C . Bridge groups are supported only in transparent firewall mode.D...
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)
Which two routing options are valid with Cisco Firepower Threat Defense? (Choose two.)A . BGPv6B . ECMP with up to three equal cost paths across multiple interfacesC . ECMP with up to three equal cost paths across a single interfaceD . BGPv4 in transparent firewall modeE . BGPv4 with nonstop...
Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?
Which command is run on an FTD unit to associate the unit to an FMC manager that is at IP address 10.0.0.10, and that has the registration key Cisco123?A . configure manager local 10.0.0.10 Cisco123B . configure manager add Cisco123 10.0.0.10C . configure manager local Cisco123 10.0.0.10D . configure manager...
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?
On the advanced tab under inline set properties, which allows interfaces to emulate a passive interface?A . transparent inline modeB . TAP modeC . strict TCP enforcementD . propagate link stateView AnswerAnswer: D Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-configguide-v64/inline_sets_and_passive_interfaces_for_firepower_threat_defense.html
Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)
Which two dynamic routing protocols are supported in Firepower Threat Defense without using FlexConfig? (Choose two.)A . EIGRPB . OSPFC . static routingD . IS-ISE . BGPView AnswerAnswer: CE Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660/ fptd-fdm-routing.html
Which protocol establishes network redundancy in a switched Firepower device deployment?
Which protocol establishes network redundancy in a switched Firepower device deployment?A . STPB . HSRPC . GLBPD . VRRPView AnswerAnswer: A Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-configguide-v62/firepower_threat_defense_high_availability.html
What is a result of enabling Cisco FTD clustering?
What is a result of enabling Cisco FTD clustering?A . For the dynamic routing feature, if the master unit fails, the newly elected master unit maintains all existing connections.B . Integrated Routing and Bridging is supported on the master unit.C . Site-to-site VPN functionality is limited to the master unit,...
Which interface type allows packets to be dropped?
Which interface type allows packets to be dropped?A . passiveB . inlineC . ERSPAND . TAPView AnswerAnswer: B Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200908-configuringfirepower-threat-defense-int.html
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?A . VPN connections can be re-established only if the failed master unit recovers.B . Smart License is required to maintain VPN connections simultaneously across all cluster units.C . VPN connections must be re-established when a new...
