- (Exam Topic 1)
An engineer is configuring a Cisco IPS to protect the network and wants to test a policy before deploying it. A copy of each incoming packet needs to be monitored while traffic flow remains constant. Which IPS mode should be implemented to meet these requirements?

1. A. Inline tap
2. B. passive
3. C. transparent
4. D. routed

Correct Answer: A

- (Exam Topic 2)
An engineer is using the configure manager add Cisc402098527 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why Is this occurring?

1. A. The NAT ID is required since the Cisco FMC is behind a NAT device.
2. B. The IP address used should be that of the Cisco FT
3. C. not the Cisco FMC.
4. D. DONOTRESOLVE must be added to the command
5. E. The registration key is missing from the command

Correct Answer: A

- (Exam Topic 2)
A network administrator notices that remote access VPN users are not reachable from inside the network. It is determined that routing is configured correctly, however return traffic is entering the firewall but not leaving it What is the reason for this issue?

1. A. A manual NAT exemption rule does not exist at the top of the NAT table.
2. B. An external NAT IP address is not configured.
3. C. An external NAT IP address is configured to match the wrong interface.
4. D. An object NAT exemption rule does not exist at the top of the NAT table.

Correct Answer: A
https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verif

- (Exam Topic 5)
An administrator is configuring a transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port but the FTD is not processing the traffic What is the problem?

1. A. The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.
2. B. The FTD must be configured with an ERSPAN port, not a passive port.
3. C. The FTD must &e in routed mode to process ERSPAN traffic.
4. D. The switches were not set up with a monitor session ID (hat matches the flow ID defined on the FTD

Correct Answer: C

- (Exam Topic 5)
A network engineer is tasked with minimising traffic interruption during peak traffic limes. When the SNORT inspection engine is overwhelmed, what must be configured to alleviate this issue?

1. A. Enable IPS inline link state propagation
2. B. Enable Pre-filter policies before the SNORT engine failure.
3. C. Set a Trust ALL access control policy.
4. D. Enable Automatic Application Bypass.

Correct Answer: D