SNCF — Securing Networks with Firepower — Question 172

An engineer installs a Cisco FTD device and wants to inspect traffic within the same subnet passing through a firewall and inspect traffic destined to the Internet. Which configuration will meet this requirement?

Answer options

• A. transparent firewall mode with IRB only
• B. routed firewall mode with BVI and routed interfaces
• C. transparent firewall mode with multiple BVIs
• D. routed firewall mode with routed interfaces only

Correct answer: C

Explanation

The correct answer is C, as using multiple BVIs in transparent mode allows for inspection of traffic within the same subnet. The other options do not facilitate the required inspection of traffic within the same subnet, with A being limited to IRB, B using routed interfaces that are not suitable for the same subnet inspection, and D lacking the necessary components for monitoring traffic in this context.