A security engineer must deploy a Cisco FTD appliance as a bump in the wire to detect intrusion events without disrupting the flow of network traffic. Which two features must be configured to accomplish the task? (Choose two.)
An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the internet.
Which configuration will meet this requirement?
Which command is run at the CLI when logged in to an FTD unit, to determine whether the unit is managed locally or by a remote FMC server?
Which command should be used on the Cisco FTD CLI to capture all the packets that hit an interface?
Reason: the command "capture-traffic" is used for SNORT Engine Captures. To capture a LINA Engine Capture, you use the "capture" command. Since the Lina Engine represents the actual physical interface of the device, "capture" is the only reasonable choice. Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212474-working-with-firepower-threat-defense-f.html#anc10
The command is:
firepower# capture DMZ interface dmz trace detail match ip host 192.168.76.14 host 192.168.76.100
firepower# capture INSIDE interface inside trace detail match ip host 192.168.76.14 host 192.168.75.14
Which group within Cisco does the Threat Response team use for threat analysis and research?
Which CLI command is used to generate firewall debug messages on a Cisco Firepower?
Within Cisco Firepower Management Center, where does a user add or modify widgets?
Within an organization's high availability environment where both firewalls are passing traffic, traffic must be segmented based on which department it is destined for. Each department is situated on a different LAN. What must be configured to meet these requirements?
Which two packet captures does the FTD LINA engine support? (Choose two.)
Which report template field format is available in Cisco FMC?
With Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)
Which protocol establishes network redundancy in a switched Firepower device deployment?
A network security engineer must replace a faulty Cisco FTD device in a high availability pair. Which action must be taken while replacing the faulty unit?
An engineer is tasked with deploying an internal perimeter firewall that will support multiple DMZs. Each DMZ has a unique private IP subnet range. How is this requirement satisfied?
An organization is migrating their Cisco ASA devices running in multicontext mode to Cisco FTD devices. Which action must be taken to ensure that each context on the Cisco ASA is logically separated in the Cisco FTD devices?
In which two ways do access control policies operate on a Cisco Firepower system? (Choose two.)
An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?
Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)
A network administrator reviews the file report for the last month and notices that all file types, except exe, show a disposition of unknown. What is the cause of this issue?
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that access control rule logs be collected for analysis. The security engineer is concerned that the Cisco FMC will not be able to process the volume of logging that will be generated. Which configuration addresses this concern?
Which two statements about bridge-group interfaces in Cisco FTD are true? (Choose two.)
An administrator is creating interface objects to better segment their network but is having trouble adding interfaces to the objects. What is the reason for this failure?
"All interfaces in an interface object must be of the same type: all inline, passive, switched, routed, or ASA FirePOWER. After you create an interface object, you cannot change the type of interfaces it contains."
Which two remediation options are available when Cisco FMC is integrated with Cisco ISE? (Choose two.)
Which connector is used to integrate Cisco ISE with Cisco FMC for Rapid Threat Containment?
What is a valid Cisco AMP file disposition?
Which two features of Cisco AMP for Endpoints allow for an uploaded file to be blocked? (Choose two.)
What is the disadvantage of setting up a site-to-site VPN in a clustered-units environment?
What is the maximum SHA level of filtering that Threat Intelligence Director supports?
Which Cisco Advanced Malware Protection for Endpoints policy is used only for monitoring endpoint activity?
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?