- (Exam Topic 5)
An administrator is adding a new URL-based category feed to the Cisco FMC for use within the policies. The intelligence source does not use STIX. but instead uses a .txt file format. Which action ensures that regular updates are provided?

1. A. Add a URL source and select the flat file type within Cisco FMC.
2. B. Upload the .txt file and configure automatic updates using the embedded URL.
3. C. Add a TAXII feed source and input the URL for the feed.
4. D. Convert the .txt file to STIX and upload it to the Cisco FMC.

Correct Answer: A

- (Exam Topic 5)
Which process should be checked when troubleshooting registration issues between Cisco FMC and managed devices to verify that secure communication is occurring?

1. A. fpcollect
2. B. dhclient
3. C. sfmgr
4. D. sftunnel

Correct Answer: D

- (Exam Topic 5)
Which Cisco FMC report gives the analyst information about the ports and protocols that are related to the configured sensitive network for analysis?

1. A. Malware Report
2. B. Host Report
3. C. Firepower Report
4. D. Network Report

Correct Answer: D

- (Exam Topic 3)
What is a behavior of a Cisco FMC database purge?

1. A. User login and history data are removed from the database if the User Activity check box is selected.
2. B. Data can be recovered from the device.
3. C. The appropriate process is restarted.
4. D. The specified data is removed from Cisco FMC and kept for two weeks.

Correct Answer: C
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config- guide-v62/management_center_database_purge.pdf

- (Exam Topic 5)
An engineer is configuring a cisco FTD appliance in IPS-only mode and needs to utilize fail-to-wire interfaces. Which interface mode should be used to meet these requirements?

1. A. transparent
2. B. routed
3. C. passive
4. D. inline set

Correct Answer: D
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/inline