SNCF — Securing Networks with Firepower — Question 282

A network engineer must configure an existing firewall to have a NAT configuration. The new configuration must support more than two interfaces per context. The firewall has previously been operating in transparent mode. The Cisco Secure Firewall Threat Defense device has been deregistered from Cisco Secure Firewall Management Center. Which set of configuration actions must the network engineer take next to meet the requirements?

Answer options

• A. Run the configure firewall routed command from the Cisco Secure Firewall Threat Defense device CLI, and reregister with Cisco Secure Firewall Management Center.
• B. Run the configure firewall routed command from the Cisco Secure Firewall Management Center CLI, and reregister with Cisco Secure Firewall Management Center.
• C. Run the configure manager add routed command from the Cisco Secure Firewall Threat Defense device CLI, and reregister with Cisco Secure Firewall Management Center.
• D. Run the configure manager add routed command from the Cisco Secure Firewall Management Center CLI, and reregister with Cisco Secure Firewall Management Center.

Correct answer: A

Explanation

The correct answer is A because the engineer needs to configure the firewall to operate in routed mode, which is done through the CLI of the Cisco Secure Firewall Threat Defense device. Options B, C, and D are incorrect because they either use the wrong command or CLI context, or they do not address the need to configure the firewall properly before re-registering.