300-710 · Question #330
300-710 Question #330: Real Exam Question with Answer & Explanation
The correct answer is A: intrusion policy on the Secure Firewall Threat Defense device. To configure IPS mode on a Cisco Secure Firewall Threat Defense (FTD) device to inspect traffic and act as an IDS, the network engineer must configure an intrusion policy on the FTD device. The passive-interface and SPAN on the switch have already been configured, which means the
Question
A network engineer must configure IPS mode on a Secure Firewall Threat Defense device to inspect traffic and act as an IDS. The engineer already configured the passive-interface on the Secure Firewall Threat Defense device and SPAN on the switch. What must be configured next by the engineer?
Options
- Aintrusion policy on the Secure Firewall Threat Defense device
- Bactive SPAN port on the switch
- CDHCP on the switch
- Dactive interface on the Secure Firewall Threat Defense device
Explanation
To configure IPS mode on a Cisco Secure Firewall Threat Defense (FTD) device to inspect traffic and act as an IDS, the network engineer must configure an intrusion policy on the FTD device. The passive-interface and SPAN on the switch have already been configured, which means the traffic is being mirrored to the FTD. The next step is to set up an intrusion policy that defines the rules and actions for detecting and responding to malicious traffic. In FMC, navigate to Policies > Intrusion. Create a new intrusion policy or edit an existing one. Define the rules and actions for detecting threats. Apply the intrusion policy to the relevant interfaces or access control policies. This configuration enables the FTD to inspect the mirrored traffic and take appropriate actions based on the defined intrusion policy.
Topics
Community Discussion
No community discussion yet for this question.