Top 50 Cisco FTD Interview Questions

ANSWERS @https://ipwithease.com/shop/

1. What does FTD and FMC stand for?
2. What is the usage and purpose of FMC?
3. Please elaborate the difference between a prefilter rule and an access rule?
4. Can ASA 5500-X Series have the NGIPS SFR?
5. Where can you install and run the SFR in ASA?
6. In order to reimage ASA 5506-X hardware to FTD, what is the correct order?
7. To verify if SSD is installed on ASA hardware, which command should be executed?
8. In which component of Firepower 4100 Series is FTD software installed?
9. Which interface on an ASA device is assigned with an IP address during FTD software initialization?
10. When selecting the type of traffic, if mgmt is selected then what would be the result?
11. Which interface is shown as “?” in lower-end and midrange ASA 5500-X series models?
12. What is the name of the Mgmt interface which CLI shows, when connected to Firepower Code and when connected to ASA code?
13. Which command is used in FTD to view the statistics of events inside the encrypted tunnel between FTD and the FMC?
14. Which command confirms whether FTD is registered with the FMC?
15. Which command is used to configure a manager in an FTD?
16. What are the capabilities of the Firepower in terms of Licenses?
17. Describe the usage and functionality of Base and Threat Licenses?
18. Describe the usage and functionality of Malware and URL Filtering licenses?
19. If we go to the System > Licenses > Smart Licenses page, we see Evaluation Mode button. What is the time period of the evaluation mode?
20. What happens when we turn on the Evaluation Mode on the Firepower System?
21. What is the workflow to Purchase, Generate, and Apply a Smart License in Firepower System?
22. What is the behaviour of FTD when it is deployed in a Routed Mode?
23. If you want to install FTD Version 6.1 on Firepower 9300 appliance having FXOS Release 1.1.4, what is the correct order of action?
24. Which file can be deployed directly into an ESXi host if we are installing/running FMC?
25. Which command syntax would be correct, if we want to ping test from FTD to the FMC?
26. Which port does the Firepower System use for management communication by default?
27. If we hit enter in the highlighted prompt, what would be the default firewall mode?
28. In below snippet, when registration with the manager is completed, the IP 10.1.1.16 is of which device?
29. Which command is used to configure FTD from Transparent Mode to Routed Mode?
30. What is the behaviour of FTD when it is deployed in a Transparent Mode?
31. In what mode firewall is configured in below snippet?
32. In what scenario do Gig interfaces and BVI interface have same IP?
33. Which command provides an overview of the various components of an inline interface set?
34. What is the first-level-defense mechanism implemented on Firepower Engine?
35. Which directory stores the filed related to DNS Policy?
36. Which licenses are necessary to block a URL based on its category and reputation?
37. Which type of analysis requires a connection to the cloud?
38. Which base policy enables the largest number of standard text Snort rules by default?
39. Which NAT section has highest priority during rule evaluation?
40. After you deploy a new NAT policy, if a connection still uses a rule from the prior version of the NAT policy, how could you ensure that FTD will use the new policy?
41. What is Security Intelligence?
42. What is the function of Network Analysis Policy?
43. What is the function of Intrusion Policy?
44. What is Access Control Rule Monitor Action?
45. What is Access Control Rule Trust Action? What is Access Control Rule Blocking Actions?
46. What is Access Control Rule Interactive Blocking Actions?
47. What is the function of Network Discovery Policies? What are 2 types of Network Discovery mechanisms?
48. What is the purpose of Firepower Recommended Rules?
49. How many connectivity models are there for network analysis and intrusion policies in Firepower System?
50. Describe Balanced Security and Connectivity network analysis and intrusion policies?
51. Describe Maximum Detection network analysis and intrusion policies?
52. Describe No Rules Active intrusion policy?

ANSWERS @https://ipwithease.com/shop/

ABOUT THE AUTHOR

Rashmi Bhardwaj

I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”

I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.

I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)