Question #1
The event dashboard within the Cisco FMC has been inundated with low priority intrusion drop events, which are overshadowing high priority events. An engineer has been tasked with reviewing the policies and reducing the low priority events. Which action should be configured to accomplish this task?
A. generate events
B. drop packet
C. drop connection
D. drop and generate
Correct answer: D
Question #2
Which limitation applies to Cisco Firepower Management Center dashboards in a multidomain environment?
A. Child domains can view but not edit dashboards that originate from an ancestor domain
B. Child domains have access to only a limited set of widgets from ancestor domains
C. Only the administrator of the top ancestor domain can view dashboards
D. Child domains cannot view dashboards that originate from an ancestor domain
Correct answer: B
Question #3
An analyst is reviewing the Cisco FMC reports for the week. They notice that some peer-to-peer applications are being used on the network and they must identify which poses the greatest risk to the environment. Which report gives the analyst this information?
A. Attacks Risk Report
B. User Risk Report
C. Network Risk Report
D. Advanced Malware Risk Report
Correct answer: A
Question #4
An engineer must investigate a connectivity issue and decides to use the packet capture feature on Cisco FTD. The goal is to see the real packet going through the Cisco FTD device and see the Snort detection actions as a part of the output. After the capture-traffic command is issued, only the packets are displayed. Which action resolves this issue?
A. Use the verbose option as a part of the capture-traffic command
B. Use the capture command and specify the trace option to get the required information
C. Specify the trace using the -T option after the capture-traffic command
D. Perform the trace within the Cisco FMC GUI instead of the Cisco FTD CLI
Correct answer: C
Question #5
An engineer wants to connect a single IP subnet through a Cisco FTD firewall and enforce policy. There is a requirement to present the internal IP subnet to the outside as a different IP address. What must be configured to meet these requirements?
A. Configure the downstream router to perform NAT
B. Configure the upstream router to perform NAT
C. Configure the Cisco FTD firewall in routed mode with NAT enabled
D. Configure the Cisco FTD firewall in transparent mode with NAT enabled
Correct answer: C
Question #6
Which firewall design will allow it to forward traffic at layers 2 and 3 for the same subnet?
A. Cisco Firepower Threat Defense mode
B. routed mode
C. Integrated routing and bridging
D. transparent mode
Correct answer: C
Question #7
There is an increased amount of traffic on the network and for compliance reasons, management needs visibility into the encrypted traffic. What is a result of enabling TLS/SSL decryption to allow this visibility?
A. It prompts the need for a corporate managed certificate
B. It has minimal performance impact
C. It is not subject to any Privacy regulations
D. It will fail if certificate pinning is not enforced
Correct answer: A
Question #8
An administrator is working on a migration from Cisco ASA to the Cisco FTD appliance and needs to test the rules without disrupting the traffic. Which policy type should be used to configure the ASA rules during this phase of the migration?
A. identity
B. Intrusion
C. Access Control
D. Prefilter
Correct answer: A
Question #9
Network traffic coming from an organization's CEO must never be denied. Which access control policy configuration option should be used if the deployment engineer is not permitted to create a rule to allow all traffic?
A. Configure firewall bypass
B. Change the intrusion policy from security to balance
C. Configure a trust policy for the CEO
D. Create a NAT policy just for the CEO
Correct answer: C
Question #10
A network engineer is logged into the Cisco AMP for Endpoints console and sees a malicious verdict for an identified SHA-256 hash. Which configuration is needed to mitigate this threat?
A. Use regular expressions to block the malicious file
B. Add the hash from the infected endpoint to the network block list
C. Add the hash to the simple custom detection list
D. Enable a personal firewall in the infected endpoint
Correct answer: C
Question #11
An engineer must add DNS-specific rules to the Cisco FTD intrusion policy. The engineer wants to use the rules currently in the Cisco FTD Snort database that are not already enabled but does not want to enable more than are needed. Which action meets these requirements?
A. Change the dynamic state of the rule within the policy
B. Change the base policy to Security over Connectivity
C. Change the rule state within the policy being used
D. Change the rules using the Generate and Use Recommendations feature
Correct answer: C
Question #12
Which action should you take when Cisco Threat Response notifies you that AMP has identified a file as malware?
A. Add the malicious file to the block list
B. Send a snapshot to Cisco for technical support
C. Forward the result of the investigation to an external threat-analysis engine
D. Wait for Cisco Threat Response to automatically block the malware
Correct answer: C
Question #13
A network engineer is extending a user segment through an FTD device for traffic inspection without creating another IP subnet. How is this accomplished on an FTD device in routed mode?
A. by leveraging the ARP to direct traffic through the firewall
B. by assigning an inline set interface
C. by using a BVI and create a BVI IP address in the same subnet as the user segment
D. by bypassing protocol inspection by leveraging pre-filter rules
Correct answer: A
Question #14
An engineer is troubleshooting connectivity to the DNS servers from hosts behind a new Cisco FTD device. The hosts cannot send DNS queries to servers in the DMZ. Which action should the engineer take to troubleshoot this issue using the real DNS packets?
A. Use the Connection Events dashboard to check the block reason and adjust the inspection policy as needed
B. Use the packet capture tool to check where the traffic is being blocked and adjust the access control or intrusion policy as needed
C. Use the packet tracer tool to determine at which hop the packet is being dropped
D. Use the show blocks command in the Threat Defense CLI tool and create a policy to allow the blocked traffic
Correct answer: A
Question #15
Which command is typed at the CLI on the primary Cisco FTD unit to temporarily stop running high-availability?
A. configure high-availability resume
B. configure high-availability disable
C. system support network-options
D. configure high-availability suspend
Correct answer: A
Question #16
An organization has noticed that malware was downloaded from a website that does not currently have a known bad reputation. How will this issue be addressed globally in the quickest way possible and with the least amount of impact?
A. by denying outbound web access
B. Cisco Talos will automatically update the policies
C. by isolating the endpoint
D. by creating a URL object in the policy to block the website
Correct answer: C
Question #17
A network administrator is troubleshooting access to a website hosted behind a Cisco FTD device. External clients cannot access the web server via HTTPS. The IP address configured on the web server is 192.168.7.46. The administrator is running the command capture CAP interface outside match ip any 192.168.7.46 255.255.255.255 but cannot see any traffic in the capture. Why is this occurring?
A. The capture must use the public IP address of the web server
B. The FTD has no route to the web server
C. The access policy is blocking the traffic
D. The packet capture shows only blocked traffic
Correct answer: C
Question #18
What is the role of the casebook feature in Cisco Threat Response?
A. sharing threat analysts
B. pulling data via the browser extension
C. triage automation with alerting
D. alert prioritization
Correct answer: B
Question #19
What is a behavior of a Cisco FMC database purge?
A. User login and history data are removed from the database if the User Activity check box is selected
B. Data can be recovered from the device
C. The appropriate process is restarted
D. The specified data is removed from Cisco FMC and kept for two weeks
Correct answer: C
Question #20
An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed that excessive and misleading events are filling the database and overloading the Cisco FMC. A monitored NAT device is executing multiple updates of its operating system in a short period of time. What configuration change must be made to alleviate this issue?
A. Leave default networks
B. Change the method to TCP/SYN
C. Increase the number of entries on the NAT device
D. Exclude load balancers and NAT devices
Correct answer: B
Question #21
An engineer is setting up a remote access VPN on a Cisco FTD device and wants to define which traffic gets sent over the VPN tunnel. Which named object type in Cisco FMC must be used to accomplish this task?
A. split tunnel
B. crypto map
C. access list
D. route map
Correct answer: C
Question #22
Which two actions can be used in an access control policy rule? (Choose two.)
A. Block with Reset
B. Monitor
C. Analyze
D. Discover
E. Block ALL
Correct answer: A
