SNCF — Securing Networks with Firepower — Question 94

An administrator is configuring their transparent Cisco FTD device to receive ERSPAN traffic from multiple switches on a passive port, but the Cisco FTD is not processing the traffic. What is the problem?

Answer options

• A. The switches do not have Layer 3 connectivity to the FTD device for GRE traffic transmission.
• B. The switches were not set up with a monitor session ID that matches the flow ID defined on the Cisco FTD.
• C. The Cisco FTD must be in routed mode to process ERSPAN traffic.
• D. The Cisco FTD must be configured with an ERSPAN port not a passive port.

Correct answer: C

Explanation

The correct answer is C because the Cisco FTD must be in routed mode to process ERSPAN traffic, which is essential for GRE encapsulated traffic. Options A and B are incorrect as they pertain to connectivity and configuration issues that do not directly impact the mode of the FTD. Option D is also incorrect because the FTD can handle ERSPAN traffic in routed mode, not requiring a specific ERSPAN port.