SNCF — Securing Networks with Firepower — Question 235

A network engineer must configure an existing firewall to have a NAT configuration. The new configuration must support more than two interfaces per context. The firewall has previously been operating in transparent mode. The Cisco Secure Firewall Threat Defense (FTD) device has been deregistered from Cisco Secure Firewall Management Center (FMC). Which set of configuration actions must the network engineer take next to meet the requirements?

Answer options

• A. Run the configure firewall routed command from the Secure FTD device CLI, and reregister with Secure FMC.
• B. Run the configure manager add routed command from the Secure FMC CLI. and reregister with Secure FMC.
• C. Run the configure manager add routed command from the Secure FTD device CLI, and reregister with Secure FMC.
• D. Run the configure firewall routed command from the Secure FMC CLI. and reregister with Secure FMC.

Correct answer: A

Explanation

The correct answer is A because the command 'configure firewall routed' needs to be run on the Secure FTD device CLI to change the mode from transparent to routed, allowing the NAT configuration to take place. The other options either attempt to run the command from the wrong device or use incorrect command syntax that would not achieve the desired outcome.