An engineer is troubleshooting a device that cannot connect to a web server. The connection is initiated from the Cisco FTD inside interface and attempting to reach 10.0.1.100 over the non-standard port of 9443 The host the engineer is attempting the connection from is at the IP address of 10.20.10.20. In order to determine what is happening to the packets on the network, the engineer decides to use the FTD packet capture tool Which capture configuration should be used to gather the information needed to troubleshoot this issue?
A)

B)

C)

D)

• A.Option D
• B.Option B
• C.Option C
• D.Option A

Comment: *

Name: *

Email: *

Verification: *

The CIO asks a network administrator to present to management a dashboard that shows custom analysis tables for the top DNS queries URL category statistics, and the URL reputation statistics.
Which action must the administrator take to quickly produce this information for management?

• A.Copy the intrusion events dashboard tab and modify each widget to show the correct charts.
• B.Run the Attack report and filter on DNS to show this information.
• C.Create a new dashboard and add three custom analysis widgets that specify the tables needed.
• D.Modify the Connection Events dashboard to display the information in a view for management.

Comment: *

Name: *

Email: *

Verification: *

A company is in the process of deploying intrusion prevention with Cisco FTDs managed by a Cisco FMC.
An engineer must configure policies to detect potential intrusions but not block the suspicious traffic. Which action accomplishes this task?

• A.Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.
• B.Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by unchecking the "Drop when inline" option.
• C.Configure IPS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.
• D.Configure IDS mode when creating or editing a policy rule under the Cisco FMC Intrusion tab in Access Policies section by checking the "Drop when inline" option.

Comment: *

Name: *

Email: *

Verification: *

A network engineer must configure IPS mode on a Cisco Secure firewall Threat Defense device to inspect traffic and act as an IDS. The engineer already configured the passive-interface on the secure firewall threat Defence device and SPAN on the switch. What must be configured next by the engineer?

• A.intrusion policy on the Secure Firewall Threat Defense device
• B.active Interface on me Secure Firewall threat Defense device
• C.DHCP on the switch
• D.active SPAN port on the switch

Comment: *

Name: *

Email: *

Verification: *

What is the difference between inline and inline tap on Cisco Firepower?

• A.Inline mode cannot do SSL decryption.
• B.Inline mode can drop malicious traffic.
• C.Inline tap mode can send a copy of the traffic to another device.
• D.Inline tap mode does full packet capture.

Comment: *

Name: *

Email: *

Verification: *