Cisco 300-710 Practice Test - Questions Answers, Page 33

To support more than two interfaces per context and enable NAT configurations, the firewall must operate in routed mode. Since the firewall was previously in transparent mode, the network engineer needs to change it to routed mode.

Steps:

Access the CLI of the Secure FTD device.

Run the command configure firewall routed to switch the firewall from transparent mode to routed mode.

Reregister the FTD device with the FMC by running the configure manager add <FMC_IP> <Registration_Key> command from the FTD device CLI.

This will ensure that the firewall can support the required NAT configurations and more than two interfaces per context.

Standard reports from Cisco Secure Firewall Management Center can be downloaded in CSV (Comma-Separated Values) format. This format is widely used for data exchange and can be opened in various applications such as Microsoft Excel.

Steps to download reports:

Navigate to Reports > Report Designer in the FMC.

Select or create the report you wish to download.

Choose the CSV format option when exporting the report.

This allows the network engineer to analyze and manipulate the report data easily.

Cisco Defense Orchestrator (CDO) is the tool that assists engineers in performing an audit of network projects to determine which objects are duplicated across various firewall models, including Cisco Secure Firewall Threat Defense, Cisco Secure Firewall ASA, and Meraki MX Series. CDO provides a unified management interface for managing multiple security devices and can identify duplicate objects across these devices.

Steps:

Access Cisco Defense Orchestrator.

Connect and synchronize all relevant firewall devices (FTD, ASA, Meraki MX).

Use the audit and reporting features in CDO to identify and manage duplicate objects.

This helps ensure consistency and efficient management across the organization's firewall deployments.

To create a malware and file policy on a Cisco Secure Firewall Threat Defense (FTD) device that ensures PDF, DOCX, and XLSX files are not sent to Cisco Secure Malware Analytics, the security engineer must configure local malware analysis. Local malware analysis allows the FTD to inspect and analyze files locally without sending them to the cloud-based Cisco Secure Malware Analytics.

Steps to configure local malware analysis:

In FMC, navigate to Policies > Access Control > Malware & File Policies.

Create a new malware and file policy or edit an existing one.

Define rules to inspect specific file types, ensuring that PDF, DOCX, and XLSX files are handled locally.

Set the action for these file types to 'Local Analysis.'

Apply the policy to the relevant access control policy.

This configuration ensures that the specified file types are analyzed locally, meeting the requirement to avoid sending them to Cisco Secure Malware Analytics.

To integrate a third-party security intelligence feed with Cisco Secure Firewall Management Center (FMC) using Threat Intelligence Director (TID), the following actions are necessary:

Upgrade to version 6.6: The FMC must be running at least version 6.6 to support Threat Intelligence Director. Version 6.2.3 does not support the necessary features for this integration.

Add the URL of the TAXII server: Threat Intelligence Director uses TAXII (Trusted Automated eXchange of Indicator Information) to pull threat intelligence data from third-party sources. The URL of the TAXII server must be added to the TID configuration in FMC.

Steps:

Upgrade FMC to version 6.6 or later.

In FMC, navigate to Integration > Threat Intelligence Director.

Add a new TAXII server by entering the URL of the TAXII server.

These actions enable the integration of third-party threat intelligence feeds, enhancing the security capabilities of the FMC.