SNCF — Securing Networks with Firepower — Question 236

A security engineer manages a firewall console and an endpoint console and finds it challenging and time consuming to review events and modify blocking of specific files in both consoles. Which action must the engineer take to streamline this process?

Answer options

• A. Within the Cisco Secure Endpoint console, copy the connector GUID and paste into the Cisco Secure Firewall Management Center (FMC) AMP tab.
• B. From the Cisco Secure Endpoint console, create and copy an API key and paste into the Cisco Secure AMP tab.
• C. From the Secure FMC, create a Cisco Secure Endpoint object and reference the object in the Cisco Secure Endpoint console.
• D. Initiate the integration between Secure FMC and Cisco Secure Endpoint from the Secure FMC using the AMP tab.

Correct answer: D

Explanation

The correct answer is D because initiating the integration between Secure FMC and Cisco Secure Endpoint allows for centralized management and streamlined processes. Options A, B, and C involve steps that do not directly address the need for integration, making them less effective for the engineer's goal of simplifying event review and file blocking.