Question 6 of 412

With Cisco FTD software, which interface mode must be configured to passively receive traffic that passes through the appliance?

Answer

Suggested Answer

The suggested answer is B.

To passively receive traffic that passes through the appliance with Cisco FTD software, you need to configure the interface in 'passive' mode. In passive mode, the device operates as an Intrusion Detection System (IDS), where it monitors the traffic without being in the data path itself. It receives copies of the traffic, often through mechanisms like port mirroring (SPAN), enabling it to detect and analyze traffic without interfering with the actual data flow.

Community Votes18 votes
DMost voted
72%
BSuggested
28%
Question 7 of 412

Which two deployment types support high availability? (Choose two.)

Answer

Suggested Answer

The suggested answer is C, D.

High availability in deployment types is generally supported by those setups that involve redundancy or scaling across multiple instances or devices. Clustered deployment supports high availability by distributing the load across multiple devices, ensuring that if one fails, others can take over. Intra-chassis multi-instance deployment also supports high availability by running multiple instances within the same chassis, allowing continuous operation even if individual instances fail.

Community Votes3 votes
ABMost voted
100%
Question 8 of 412

Which protocol establishes network redundancy in a switched Firepower device deployment?

Answer

Suggested Answer

The suggested answer is A.

STP (Spanning Tree Protocol) establishes network redundancy in a switched device deployment by preventing bridge loops and ensuring there is a loop-free topology in a network with redundant paths. Firepower devices can use STP to create a resilient network by automatically activating backup paths if the primary one fails. This maintains network uptime and stability in an environment with multiple switches.

Community Votes1 vote
ASuggested
100%
Question 9 of 412

Which interface type allows packets to be dropped?

Answer

Suggested Answer

The suggested answer is B.

The correct answer is 'inline'. An inline interface type allows packets to be evaluated and dropped or modified as necessary. Passive interfaces, ERSPAN (Encapsulated Remote Switched Port Analyzer), and TAP (Test Access Points) typically involve monitoring or mirroring traffic without actively dropping packets.

Community Votes3 votes
BSuggested
100%
Question 10 of 412

Which Cisco Firepower Threat Defense, which two interface settings are required when configuring a routed interface? (Choose two.)

Answer

Suggested Answer

The suggested answer is C, E.

When configuring a routed interface on Cisco Firepower Threat Defense, the settings for Speed and Duplex are required. Speed allows you to specify the transmission rate of the interface, and Duplex determines whether the interface operates in half-duplex or full-duplex mode. These settings are essential for ensuring proper communication and performance of the network interface.

Community Votes2 votes
CESuggested
100%