An organization uses Cisco FMC to centrally manage multiple Cisco FTD devices. The default management port conflicts with other communications on the network and must be changed. What must be done to ensure that all devices can communicate together?
A.
Change the management port on Cisco FMC so that it pushes the change to all managed Cisco FTD devices.
B.
Set the sftunnel port to 8305.
C.
Manually change the management port on Cisco FMC and all managed Cisco FTD devices.
Answer should be C
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Security__Internet_Access__and_Communication_Ports.html
8305/tcp
Securely communicate between appliances in a deployment.
" If you change this port, you must change it for all appliances in the deployment. We recommend you keep the default."
The answer is C from Cisco website and specifically this paragraph, “ In this case you must also change the port on FMC (Configuration > Management Interfaces > Shared Settings). This affects all other devices that are already registered to the same FMC. Cisco strongly recommends that you keep the default settings for the remote management port, but if the management port conflicts with other communications on your network, you can choose a different port. If you change the management port, you must change it for all devices in your deployment that need to communicate together.”
And here is the link
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215540-configure-verify-and-troubleshoot-firep.html
The answer is C. However if you overthink it it could also be A. however in the form the question is asked it should be C.
Cisco FMC has the ability to push configuration changes to managed Cisco FTD devices automatically, so changing the management port on the FMC can be propagated to all managed FTD devices without the need for manual intervention on each device. This can be done through the use of FlexConfigs or the Configuration Deployments feature in the FMC.
FlexConfigs allow for the execution of custom commands on managed devices, including configuration changes. The FMC can be configured to push a FlexConfig that changes the management port on all managed FTD devices at once.
Cisco strongly recommends that you keep the default settings for the remote management port, but if the management port conflicts with other communications on your network, you can choose a different port. If you change the management port, you must change it for all devices in your deployment that need to communicate with each other.
Answer is C. The sftunnel is created once the communication is stablished - https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215540-configure-verify-and-troubleshoot-firep.html
"Once the registration is done the FTD and the FMC establish a secure tunnel called sftunnel (the name derives from the Sourcefire tunnel)."
C should be the correct answer; we can change the port manually:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215540-configure-verify-and-troubleshoot-firep.html#anc7
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MoII
Highly Voted 2 years, 5 months agoeazy99
Highly Voted 2 years, 7 months agoAlizade
Most Recent 7 months, 1 week agoTuxzinator
1 year, 2 months agoEmlia1
1 year, 5 months agosis_net_sec
1 year, 6 months agofrancojaraba
1 year, 9 months agoLaryoul
2 years, 1 month agoMinion2021
2 years, 2 months agoklu16
2 years, 8 months agofabio3wz
2 years, 8 months ago