SNCF — Securing Networks with Firepower — Question 199

A network administrator is configuring a BVI interface on a routed FTD. The administrator wants to isolate traffic on the interfaces connected to the bridge group and not have the FTD route this traffic using the routing table. What must be configured?

Answer options

• A. A new VRF must be created for the BVI interface
• B. An IP address must be configured on the BVI
• C. IP routing must be removed from the physical interfaces connected to the BVI
• D. The BVI interface must be configured for transparent mode

Correct answer: A

Explanation

Creating a new VRF for the BVI interface ensures that traffic remains isolated and does not get routed using the routing table. Configuring an IP address on the BVI or removing IP routing from the physical interfaces would not achieve the isolation goal, and configuring the BVI for transparent mode is not necessary for traffic isolation in this context.