Question 5

Question

A network engineer must configure IPS mode on a Cisco Secure firewall Threat Defense device to
inspect traffic and act as an IDS. The engineer already configured the passive-interface on the secure
firewall threat Defence device and SPAN on the switch. What must be configured next by the
engineer?

Accepted Answer

intrusion policy on the Secure Firewall Threat Defense device

Reese K. · Answer

Option A is what I'd pick. After setting up SPAN and the passive interface, you have to apply an intrusion policy so the FTD inspects the mirrored traffic. That's how it works on real gear and matches what I've seen in similar exam questions. Agree?

SofiaA · Answer

Option A fits what I've seen in Cisco official guides and lab exercises. Once SPAN and the passive interface are set, configuring the intrusion policy is the step that actually tells FTD to inspect the mirrored traffic. Pretty sure that's the sequence, but if anyone has seen otherwise in recent labs let me know.

HelpfulReviewer3494 · Answer

Yeah it's A. With SPAN and passive interface already done, you need the intrusion policy next so FTD does actual inspection.

Ava D. · Answer

A that's what official training and lab guides say to do after getting the traffic mirrored.

Reese K. · Answer

A popped up in some practice sets I did. SPAN and passive-interface cover the traffic mirroring, next step is to deploy the intrusion policy for inspection. Makes sense, but let me know if anyone saw otherwise.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE