ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-720 All Questions

View all questions & answers for the 300-720 exam
Go to Exam

Exam 300-720 topic 1 question 82 discussion

Actual exam question from Cisco's 300-720
Question #: 82
Topic #: 1
[All 300-720 Questions]



Refer to the exhibit. An administrator has configured File Reputation and File Analysis on the Cisco ESA; however, is does not function as expected. What must be configured on the Cisco ESA for this to function?

  • A. Upload the Root CA certificate for the File Reputation cloud to the Cisco ESA.
  • B. Open port 443 on the firewall for the Cisco ESA to connect to the File Reputation cloud.
  • C. Restart the File Reputation service to force the scanning engine to connect to the File Reputation cloud.
  • D. Configure the Cisco ESA to use SSL for the connection to the File Reputation server.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by GVKD at June 20, 2023, 2:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GVKD
Highly Voted 10 months, 1 week ago
Selected Answer: D
D is Correct. See comments below.
upvoted 5 times
...
GVKD
Most Recent 10 months, 3 weeks ago
Selected Answer: A
Correct. If you checked Use SSL (Port 443) in the SSL Communication for File Reputation section of the Advanced Settings for File Reputation, you must add the AMP on-premises reputation server CA certificate to the certificate store on this appliance, using either the CLI command certconfig > CERTAUTHORITY > CUSTOM, or Network > Certificates (Custom Certificate Authorities) in the Web interface. Obtain this certificate from the server (Configuration > SSL > Cloud server > download). https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010000.html?bookSearch=true#concept_FCB7163556E74F70A80BAEAC701A9E5A
upvoted 1 times
Gray44
10 months, 2 weeks ago
I think it is answer D, in the example the ssl checkbox is not marked yet, and it shows that the esa is able to telnet on port 443 so port must be open.
upvoted 3 times
GVKD
10 months, 1 week ago
After looking at this again I think I do agree with you. Thank you.
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago