SNCF — Securing Networks with Firepower — Question 202

An administrator is configuring the interface of a Cisco Secure Firewall Threat Defense firewall device in a passive IPS deployment. The device and interface have been identified. Which set of configuration steps must the administrator perform next to complete the implementation?

Answer options

• A. Set the interface mode to passive. Associate the interface with a security zone. Enable the interface. Set the MTU parameter.
• B. Modify the interface to retransmit received traffic. Associate the interface with a security zone Set the MTU parameter
• C. Set the interface mode to passive. Associate the interface with a security zone. Set the MTU parameter. Reset the interface.
• D. Modify the interface to retransmit received traffic. Associate the interface with a security zone. Enable the interface. Set the MTU parameter.

Correct answer: A

Explanation

Option A is correct because it includes all necessary steps: setting the interface to passive mode, associating it with a security zone, enabling the interface, and adjusting the MTU parameter. Options B and D incorrectly suggest modifying the interface to retransmit traffic, which is not applicable in a passive IPS deployment. Option C suggests resetting the interface, which is unnecessary after the configuration steps.