oh sorry, ONLY D !

INLINE TAP Copies the data to the SNORT Engine to be checked but then dropped while the actual data flow continues uninterrupted. Therefore, INLINE TAP does not send traffic to another device. The Data is copied but not captured. You still would need to enable packet capture to capture packets (AKA Save PCAP). INLINE: Both inline and Inline Tap mode do not support SSL Decryption-resign... Although im a bit conflicted by this.... Truth is that Inline Mode can DROP malicious traffic but remember that Inline TAP mode CANNOT. Agan this is because tap mode sends a copy of the data to be inspected but not the actual data. Best Answer is D.

A 1. With inline tap mode, the NGFW is only working with a copy of your data path traffic, as opposed to being inline with the actual data path. 2. It still sees all your traffic and can detect suspect traffic, but it cannot block your actual data path. 3. This lets you learn about how the NGFW responds in your particular environment, perhaps building your knowledge and confidence in preparation for Inline mode. 4. False positives and hardware failures will not affect your network connectivity. 5. However, there is a risk of some malicious traffic making inside your protected network.

D is rite answer

D This is a good reference site for different deployment mode https://networkinterview.com/cisco-ftd-deployment-modes/

Answer D Inline mode can drop traffic Inline Tap only can monitoring traffic

D is correct

The correct answer is D Directly from the Official Cisco Press Cert Guide: "A threat defense in inline interface mode can block unintended traffic while it remains invisible to the network hosts. Inline mode allows a threat defense to block traffic based on the access control and intrusion rules you enable."

Correct answer is: D

sorry the correct answer is D only

The correct answer is B