An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats. When setting the Cisco FTD interface mode, which sequence of actions meets this requirement?
A.
Set to passive, and configure an access control policy with an intrusion policy and a file policy defined.
B.
Set to passive, and configure an access control policy with a prefilter policy defined.
C.
Set to none, and configure an access control policy with an intrusion policy and a file policy defined.
D.
Set to none, and configure an access control policy with a prefilter policy defined.
The answer is definitely C, not A.
First, “span a network segment” indicates that the mode of FTD itself is routed, not transparent, and that the interface to each segment must be assigned an IP address.
Interfaces in passive mode cannot be assigned an IP address; they must be in none mode in order to be assigned an IP address.
" An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats"
to span a network is setting up the device as a bump in the road where to interfaces are connected and traffic is passing through the device. To do so the interface mode should be set to none and not passive
This section is not available anymore. Please use the main Exam Page.300-710 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
tinyJoe
3 months, 3 weeks agorbrain
4 months, 1 week agoDoris8000
8 months, 3 weeks ago