Exam 300-710 topic 1 question 93 discussion

When a device is deleted and then re-added, the FMC web interface prompts you to re-apply your access control policies. However, there is no option to re-apply the NAT and VPN policies during registration. Any previously applied NAT or VPN configuration will be removed during registration and must be re-applied after registration is complete. https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/device_management_basics.html

***copied from cisco configuration guide*** When a device is deleted and then re-added, the FMC web interface prompts you to re-apply your access control policies. However, there is no option to re-apply the NAT and VPN policies during registration. Any previously applied NAT or VPN configuration will be removed during registration and must be re-applied after registration is complete. https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/device_management_basics.html

I have tested in my lab, answer is B and E, the FMC do not prompt user to re-apply policy so D is wrong

It's D & E for sure. "When a device is deleted and then re-added, the FMC web interface prompts you to re-apply your access control policies. However, there is no option to re-apply the NAT and VPN policies during registration. Any previously applied NAT or VPN configuration will be removed during registration and must be re-applied after registration is complete." https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Device_Management_Basics.html#ID-2242-00000786 When a device is deleted from FMC, the manager is not automatically removed.

I would go with B & E. The manager must be added back before you can add the device.

D and E are correct. https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Device_Management_Basics.html#ID-2242-00000786:~:text=When%20a%20device,registration%20is%20complete.

option B is also correct - the FTD needs to have the manager added after the FTD is deleted from the FMC(trust me it happened to me) ....but this question is more for FMC - so I would go with DE

D&E - right from the note in the doc! mid page

D&E is correct https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/device_management_basics.html?bookSearch=true When a device is deleted and then re-added, the FMC web interface prompts you to re-apply your access control policies. However, there is no option to re-apply the NAT and VPN policies during registration. Any previously applied NAT or VPN configuration will be removed during registration and must be re-applied after registration is complete.

E is definitely correct, though I think B is a better answer than C. When registering the device, it does have a box to select the ACP to apply, but it automatically deploys the configuration. When you delete a device from the FMC, you need to go to the FTD's CLI and add the manager before adding the device to the FMC.

D+E is correct: "When a device is deleted and then re-added, the Firepower Management Center web interface prompts you to re-apply your access control policies. However, there is no option to re-apply the NAT and VPN policies during registration. Any previously applied NAT or VPN configuration will be removed during registration and must be re-applied after registration is complete. "