350-701 Question #363: Real Exam Question with Answer & Explanation

Question

A network security engineer must export packet captures from the Cisco FMC web browser while troubleshooting an issue. When navigating to the address Error! Hyperlink reference not valid. IP>/capure/CAPI/pcap/test.pcap, an error 403: Forbidden is given instead of the PCAP file. Which action must the engineer take to resolve this issue?

Options

• ADisable the proxy setting on the browser
• BDisable the HTTPS server and use HTTP instead
• CUse the Cisco FTD IP address as the proxy server setting on the browser
• DEnable the HTTPS server for the device platform policy

Explanation

To resolve a "403: Forbidden" error when exporting packet captures from Cisco FMC, the engineer must enable the HTTPS server within the device platform policy on the Cisco FTD.

Common mistakes.

• A. A browser proxy setting is unlikely to cause a 403 Forbidden error directly from the server for an FMC/FTD interaction, as the primary cause here is server-side.
• B. Disabling HTTPS would downgrade security and is generally not a recommended solution; the issue is that secure access is currently forbidden, not that HTTP is preferred.
• C. Using the FTD IP as a proxy is an incorrect approach; the FTD is the source of the PCAP, not a proxy server for the browser in this context.

Concept tested. Cisco FTD Packet Capture Export Configuration

Reference. https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-fmc/config-guide/fpmc-config-guide-v64/troubleshoot-ftd.html

No community discussion yet for this question.