A network administrator registered a new FTD to an existing FMC. The administrator cannot place the FTD in transparent mode. Which action enables transparent mode?
A.
Deregister the FTD device from FMC and configure transparent mode via the CLI.
B.
Obtain an FTD model that supports transparent mode.
C.
Add a Bridge Group Interface to the FTD before transparent mode is configured.
D.
Assign an IP address to two physical interfaces.
It's A. If the FTD was in routed mode and registered to FMC, you have to first remove the manager from FTD and deregister from FMC. Then on FTD CLI, configure firewall transparent. Then reregister with FMC and create the bridge group from there.
C. Add a Bridge Group Interface to the FTD before transparent mode is configured.
To enable transparent mode on a Cisco FTD, you need to configure a bridge group interface. This interface allows the FTD to transparently forward traffic between different interfaces. By configuring the bridge group interface, you can then enable transparent mode and configure other settings as necessary.
Yes, adding a Bridge Group Interface to the FTD before enabling transparent mode can help to enable transparent mode on the FTD. Deregistering the FTD device from the FMC and configuring transparent mode via the CLI can enable transparent mode, but it is not the recommended approach.
Answer-C
Adding a Bridge Group Interface to the FTD before configuring transparent mode is necessary because it allows the FTD to forward traffic between two or more interfaces. Transparent mode, by definition, means that the FTD is transparent to the network and does not modify the source and destination IP addresses of the packets that it receives. Therefore, to enable transparent mode, the FTD must have at least two interfaces connected to the same network segment. These interfaces are then placed in a bridge group, which allows the FTD to forward traffic between them without modifying the packets. Without a bridge group interface, the FTD cannot operate in transparent mode, and any attempt to do so will result in the device not passing traffic.
A is the correct answer 100%
"steps to change FTD mode: 1- Deregister the FTD device from the FMC.
You cannot change the mode until you deregister the device.
2-Access the FTD device CLI
3- Change the firewall mode:
configure firewall [routed | transparent]'
Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/fpmc-config-guide-v601_chapter_01101010.html#:~:text=Deregister%20the%20FTD,deregister%20the%20device.
A is correct.
https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html
This section is not available anymore. Please use the main Exam Page.300-710 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Bubu3k
Highly Voted 11 months, 2 weeks agoachille5
Most Recent 7 months, 3 weeks agobassfunk
1 year, 4 months agoLangaMos
1 year, 5 months agoAgentVinod
1 year, 5 months agojewell2j
1 year, 5 months agoInitial14
1 year, 8 months agomarkSingh
1 year, 9 months agoJoe_Blue
1 year, 9 months agoJoe_Blue
1 year, 9 months agotanri04
1 year, 9 months agoDID123
1 year, 10 months agoBaumb
1 year, 10 months agoMevijil
1 year, 10 months agoBaumb
1 year, 10 months agoJoe_Blue
1 year, 10 months agoDolby58
1 year, 10 months ago