Chapter 4. Firewall Deployment in Routed Mode Flashcards
1.Which of the following statements is true?
A. Threat defense in transparent mode cannot be configured by a management center.
B. You can change the firewall deployment mode by using the management center.
C. You cannot change the firewall mode until you unregister the threat defense from the management center.
D. When you change the firewall mode, the threat defense saves the running configurations.
C. You cannot change the firewall mode until you unregister the desired threat defense from the management center.
2.Which of the following statements is false?
A. When configured in Layer 3 mode, each data interface on a threat defense is required to be on a different network.
B. Backing up a security policy configuration on a threat defense is not necessary because the security policies are defined and stored on the management center.
C. Changing the firewall mode does not affect the existing configurations on a threat defense.
D. None of these answers are correct.
C. Changing the firewall mode wipes out any existing configurations on a threat defense.
3.Which of the following commands is used to configure a threat defense from transparent mode to routed mode?
A. configure routed
B. configure firewall routed
C. configure interface routed
D. configure transparent disable
B. Theconfigure firewall routedcommand is used to configure a threat defense from transparent to routed mode.
4.Which of the following statements is false for IP address configuration?
A. A threat defense data interface must be configured with a static IP address.
B. A threat defense can function as a DHCP client as well as a DHCP server.
C. When you create an address pool for the DHCP server, it must be within the same subnet as the connected interface.
D. None of these answers are correct.
A. A threat defense data interface can be configured with a static IP address, as well as a dynamically assigned IP address.
5.Which of the following commands is used to debug and analyze ping requests?
A. debug icmp
B. debug ip icmp
C. debug icmp trace
D. debug icmp reply
C. Thedebug icmp tracecommand is used to debug and analyze ping requests.
6.Which of the following commands can be run to determine any interface-related issues?
A. show interface ip brief
B. show interfaceinterface_ID
C. show running-config interface
D. All of these answers are correct.
D. All of these commands—show interface ip brief,show interfaceinterface_ID,show running-config interface—are useful when you want to investigate an issue with an interface.