ExamGecko
Search Search Login
Home Home / Cisco / 350-701
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
What is a characteristic of Firepower NGIPS inline deployment mode?
Which ASA deployment mode can provide separation of management on a shared appliance?
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?

Question 288 - 350-701 discussion

Report
Export

An engineer has been tasked with configuring a Cisco FTD to analyze protocol fields and detect anomalies in the traffic from industrial systems. What must be done to meet these requirements?

A.

Implement pre-filter policies for the CIP preprocessor

Answers
A.

Implement pre-filter policies for the CIP preprocessor

B.

Enable traffic analysis in the Cisco FTD

Answers
B.

Enable traffic analysis in the Cisco FTD

C.

Configure intrusion rules for the DNP3 preprocessor

Answers
C.

Configure intrusion rules for the DNP3 preprocessor

D.

Modify the access control policy to trust the industrial traffic

Answers
D.

Modify the access control policy to trust the industrial traffic

Suggested answer: C

Explanation:

configure INTRUSION RULES for DNP3' -> Documentation states, that enabling INTRUSION RULES is mandatory for CIP to work + required preprocessors (in Network Access Policy - NAP) will be enabled automatically: 'If you want the CIP preprocessor rules listed in the following table to generate events, you MUST enable them. See Setting Intrusion Rule States for information on enabling rules.' 'If the Modbus, DNP3, or CIP preprocessor is disabled, and you enable and deploy an intrusion rule that requires one of these preprocessors, the system automatically uses the required preprocessor, with its current settings, although the preprocessor remains disabled in the web interface for the corresponding network analysis policy.' [1] https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config- guide-v63/scada_preprocessors.html


Show Answer
asked 10/10/2024
Alejandro Meza
33 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms