Which of the following describes more than one image running on an UCS chassis with chassis manager? High availability Clustering Multi-instance Containers.
Which of the following allows multiple instances on a security engine? High availability Clustering Multi-instance Containers.
Which of the following describes active/standby data flow? High availability Clustering Multi-instance Containers.
Which of the following would allow active/active data flow? High availability Clustering Multi-instance Containers.
What type of interface is created when you want to configure BVIs? Bridge Group Interface Bridge Virtual Interface Virtual Bridge Group Group Bridge Interface.
What is the purpose of creating a BVI? To route through a bridge To route over a WAN to a VLAN To bridge through a router To bridge through a higher end switch.
What are the two NGFW modes?
(Select all that apply) Passive Inline Routed Transparent.
What are the two NGIPS modes?
(Select all that apply) Passive Inline Routed Transparent.
Which of the following interface types can drop bad traffic? Passive Inline Inline tap ERSPAN.
Which of the following NGFW modes will not change the VLAN header? Routed IRB Transparent Passive.
Which policy is mandatory in order to bring a device into the FMC? Access Control Intrusion File & Malware Platform settings Allowed-in device policy.
Which of the layer 3 and layer 7 Security intelligence lists can be configured in Firepower? IP URL DNS SHA Malware.
You want to add a DNS policy into the Access Control policy. What tab would you chose in the ACP to add the DNS policy? Advanced Security Intelligence Rules Logging HTTP Responses.
You want to add a rule with an action that would allow packets to skip the SNORT process completely. What type of rule action would you create and in which policy? Prefilter FastPath Prefilter Access Control Intrusion.
Which of the following policies would you add in order to provide AD integration with the FMC? Correlation Identity DNS Network Discovery Access Control.
You want to add an Identity policy into the Access Control policy. What tab would you choose in the ACP to add the Identity policy? Rules Advanced Security Intelligence Logging HTTP Responses.
Which FOUR of the following Actions can you choose in a File & Malware rule? Block Malware Inspect Detect Files Allow Malware Cloud Lookup Block.
You want to add a SSL policy into the Access Control policy. What tab would you chose in the ACP to add the SSL policy? Advanced Rules Security Intelligence Logging SSL Responses.
A File & Malware rule can be configured to store files. Which four types can a rule be configured to store? Malware Clean Unknown Custom Undetermined Unrecognized Not Sure.
Which three of the following are Cisco IPS base policies? Balanced Security over Connectivity Security over Connectivity Connectivity over Security Medium Overhead Recommended Rules No rules Active Low Overhead Recommended Base.
Which are the two are IPS rules states you can configure in an IPS rule? Generate events Block and log Generate events Block and Generate Events Drop while Inline.
Which are the two are IPS rules actions you can configure for an IPS rule? Alert Pass Alert and Generate Event Block and Generate Events Generate events.
Which four protocols can be configured to alert in an IPS rule? IP DNS TCP UDP ICMP SSL.
What are the two Event Filtering types you can configure on a rule? Threshold Rate Limiting Suppression Dynamic State Suppression.
Which policy creates a database of User, Hosts and Applications? Identity Firepower Network Discovery IPS SSL DNS.
Which three policies are created in the FMC but implemented in the LINA process? DNS QoS VPN NAT Identity Object Management.
To harden the FTD device and add Syslog and SNMP alerting to the device, which of the following policies will you configure? Firepower Hardening Platform Identity Device Management System Configuration.
To harden the FMC and add Syslog and SNMP alerting to the device, which of the following policies will you configure? Identity Firepower Hardening Device Management Platform System Configuration.
The two types of NAT you can configure in the Device Management section are? Manual NAT Auto NAT Three-NAT Manual-Override Auto NAT.
Which Four are actions you can configure in an SSL rule? Block Allow Pass Do Not Decrypt Decrypt Resign Decrypt Known Key.
|
