nerdexam
Exams300-710Questions#231
CiscoCisco

300-710 · Question #231

300-710 Question #231: Real Exam Question with Answer & Explanation

The correct answer is A: Receives traffic that is specified on an NGIPS. A passive interface on a Cisco Firepower NGFW is primarily used to receive mirrored traffic for inspection by the Next-Generation Intrusion Prevention System (NGIPS).

Deployment

Question

Which description of a passive interface on a Cisco Firepower NGFW is true?

Options

  • AReceives traffic that is specified on an NGIPS
  • BInaccessible when disable
  • CEffected by firewall mode
  • DRetransmits received traffic

Explanation

A passive interface on a Cisco Firepower NGFW is primarily used to receive mirrored traffic for inspection by the Next-Generation Intrusion Prevention System (NGIPS).

Common mistakes.

  • B. An interface that is disabled would be inaccessible regardless of its mode, and this is not a unique characteristic or primary function of a passive interface.
  • C. Passive mode is itself an interface configuration mode; it is not 'effected by' other firewall modes like routed or transparent, but rather defines its own operational behavior for monitoring.
  • D. Passive interfaces are strictly for monitoring (listening to) traffic; they do not retransmit received traffic back into the network.

Concept tested. Cisco Firepower NGFW passive interface function

Reference. https://www.cisco.com/c/en/us/td/docs/security/firepower/7x/configuration/guide/fpmc-config-guide-70/interface_configuration.html

Topics

#Passive Interface#Firepower NGFW#NGIPS#Traffic Monitoring

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-710 PracticeBrowse All 300-710 Questions