SNCF — Securing Networks with Firepower — Question 293

An engineer must deploy a Cisco Secure Firewall Threat Defense device. Management wants to examine traffic without requiring network changes that will disrupt end users. Corporate security policy requires the separation of management traffic from data traffic and the use of SSH over Telnet for remote administration. How must the device be deployed to meet these requirements?

Answer options

• A. in transparent mode with a management interface
• B. in routed mode with a bridge virtual interface
• C. in transparent mode with a data interface
• D. in routed mode with a diagnostic interface

Correct answer: A

Explanation

The correct answer is A because deploying the device in transparent mode allows for traffic monitoring without requiring changes that could disrupt users. This setup meets the requirement of separating management traffic from data traffic. The other options either do not support traffic examination without disruptions or fail to provide the necessary separation of management and data traffic.