- (Exam Topic 5)
Refer to the exhibit.

An organization has an access control rule with the intention of sending all social media traffic for inspection After using the rule for some time, the administrator notices that the traffic is not being inspected, but is being automatically allowed What must be done to address this issue?

1. A. Modify the selected application within the rule
2. B. Change the intrusion policy to connectivity over security.
3. C. Modify the rule action from trust to allow
4. D. Add the social network URLs to the block list

Correct Answer: A

- (Exam Topic 5)
A network administrator notices that inspection has been interrupted on all non-managed interfaces of a device. What is the cause of this?

1. A. The value of the highest MTU assigned to any non-management interface was changed.
2. B. The value of the highest MSS assigned to any non-management interface was changed.
3. C. A passive interface was associated with a security zone.
4. D. Multiple inline interface pairs were added to the same inline interface.

Correct Answer: A

- (Exam Topic 5)
A security engineer must integrate an external feed containing STIX/TAXII data with Cisco FMC. Which feature must be enabled on the Cisco FMC to support this connection?

1. A. Cisco Success Network
2. B. Cisco Secure Endpoint Integration
3. C. Threat Intelligence Director
4. D. Security Intelligence Feeds

Correct Answer: C

- (Exam Topic 5)
A network administrator cannot select the link to be used for failover when configuring an active/passive HA Cisco FTD pair.
Which configuration must be changed before setting up the high availability pair?

1. A. An IP address in the same subnet must be added to each Cisco FTD on the interface.
2. B. The interface name must be removed from the interface on each Cisco FTD.
3. C. The name Failover must be configured manually on the interface on each cisco FTD.
4. D. The interface must be configured as part of a LACP Active/Active EtherChannel.

Correct Answer: A

- (Exam Topic 5)
Refer to the exhibit.

An administrator is looking at some of the reporting capabilities for Cisco Firepower and noticed this section of the Network Risk report showing a lot of SSL activity that cloud be used for evasion. Which action will mitigate this risk?

1. A. Use SSL decryption to analyze the packets.
2. B. Use encrypted traffic analytics to detect attacks
3. C. Use Cisco AMP for Endpoints to block all SSL connection
4. D. Use Cisco Tetration to track SSL connections to servers.

Correct Answer: A