With Cisco Firepower Threat Defense software, which interface mode must be configured to passively receive traffic that passes through the appliance?
A. inline set
B. passive
C. routed
D. inline tap
What is the benefit of selecting the trace option for packet capture?
A. The option indicates whether the packet was dropped or successful.
B. The option indicated whether the destination host responds through a different path.
C. The option limits the number of packets that are captured.
D. The option captures details of each packet.
Which description of a correlation policy configuration in the Cisco Firepower Management Center is true?
A. The system displays correlation policies that are created on all of the domains in a multidomain deployment
B. Deleting a response group deletes the responses of that group
C. You cannot add a host profile qualification to a correlation rule that is triggered by a malware event
D. Correlation policy priorities override whitelist priorities
Which function is the primary function of Cisco AMP threat Grid?
A. It analyzes copies of packets from the packet flow
B. The device is deployed in a passive configuration
C. If a rule is triggered the device generates an intrusion event.
D. The packet flow traverses the device
E. If a rule is triggered the device drops the packet
Which Cisco FMC report gives the analyst information about the ports and protocols that are related to the configured sensitive network for analysis?
A. Malware Report
B. Host Report
C. Firepower Report
D. Network Report
Which firewall design will allow it to forward traffic at layers 2 and 3 for the same subnet?
A. routed mode
B. Cisco Firepower Threat Defense mode
C. transparent mode
D. integrated routing and bridging
A network engineer must provide redundancy between two Cisco FTD devices. The redundancy configuration must include automatic configuration, translation, and connection updates. After the initial configuration of the two appliances, which two steps must be taken to proceed with the redundancy configuration? (Choose two.)
A. Configure the virtual MAC address on the failover link.
B. Configure the failover link with stateful properties.
C. Disable hellos on the inside interface.
D. Ensure the high availability license is enabled.
E. Configure the standby IP addresses.
Which process should be checked when troubleshooting registration issues between Cisco FMC and managed devices to verify that secure communication is occurring?
A. fpcollect
B. dhclient
C. sfmgr
D. sftunnel
A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database. Which action must be taken to accomplish this task?
A. Change the network discovery method to TCP/SYN.
B. Configure NetFlow exporters for monitored networks.
C. Monitor only the default IPv4 and IPv6 network ranges.
D. Exclude load balancers and NAT devices in the policy.
Which Cisco AMP for Endpoints policy is used only for monitoring endpoint activity?
A. Windows domain controller
B. audit
C. triage
D. protection