Chapter 3. Licensing and Registration Flashcards
1.Which method does Secure Firewall use to obtain a license from Cisco?
A. Direct Internet access.
B. Through an on-premises SSM server.
C. A manual process (copy and paste).
D. All of these answers are correct.
D. Secure Firewall can connect to the Cisco SSM to obtain a license directly over the Internet and via an on-premises server. When Internet connectivity is restricted, you can also manually copy and paste the information between Secure Firewall and the Cisco license server.
2.Which functionality cannot be enabled without a threat license?
A. Intrusion prevention.
B. Malware analysis.
C. URL filtering.
D. All of these answers are correct.
A. To enable intrusion prevention functionality, you must apply a valid threat license to your Secure Firewall.
3.Which statement is correct about the smart licensing model?
A. The threat defense connects to the Smart License Server to obtain licenses.
B. The Cisco SSM application is available only through the Cisco cloud.
C. You can enable the security features on Secure Firewall completely free for a limited time.
D. The smart licensing model does not support any air-gap solution.
C. In the smart licensing model, you can enable the next-generation security features free of cost for 90 days.
4.Which option enables you to know about the status of licenses before they expire or go out of compliance?
A. By viewing the license status in the Smart License Status page, available at System > Smart Licenses.
B. By enabling the Smart License Monitor module in the health policy.
C. By running the show managers command in the threat defense CLI.
D. All of these answers are correct.
B. By enabling the Smart License Monitor module in the health policy, you can receive health alerts if there is any communication issue between your management center and the Cisco Smart Licensing Cloud, or if the license is expired or out of compliance.
5.Which statement is incorrect about registration?
A. Always begin the registration process from a threat defense.
B. NAT ID is necessary only when there is an intermediate NAT device between a management center and threat defense.
C. Before you attempt to register any threat defense, you must enable a license on the management center.
D. You do not need to select and deploy an access control policy during the device registration process.
D. During device registration, you must select and deploy an access control policy to the threat defense. This is part of the registration process.
6.Which command confirms whether a threat defense is registered with a management center?
A. >show mgmt status
B. >show management console
C. >show managers
D. >show registration status
C. You can run the show managers command on a threat defense to determine its current manager.
