300-710 Exam Dumps - Cisco CCNP Security Questions and Answers

https://www.cisco.com/c/en/us/td/docs/security/asa/asa910/configuration/ firewall/asa-910-firewall-config/access-sfr.html

Inline tap monitor-only mode (ASA inline)—In an inline tap monitor-only deployment, a copy of the traffic is sent to the ASA FirePOWER module, but it is not returned to the ASA. Inline tap mode lets you see what the ASA FirePOWER module would have done to traffic, and lets you evaluate the content of the traffic, without impacting the network. However, in this mode, the ASA does apply its policies to the traffic, so traffic can be dropped due to access rules, TCP normalization, and so forth.

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html

Conditions

In order to create an HA between 2 FTD devices, these conditions must be met:

Same model

Same version (this applies to FXOS and to FTD - (major (first number), minor (second number), and maintenance (third number) must be equal))

Same number of interfaces

Same type of interfaces

Both devices as part of same group/domain in FMC

Have identical Network Time Protocol (NTP) configuration

Be fully deployed on the FMC without uncommitted changes

Be in the same firewall mode: routed or transparent.

Note that this must be checked on both FTD devices and FMC GUI since there have been cases where the FTDs had the same mode, but FMC does not reflect this.

Does not have DHCP/Point-to-Point Protocol over Ethernet (PPPoE) configured in any of the interface

Different hostname (Fully Qualified Domain Name (FQDN)) for both chassis. In order to check the chassis hostname navigate to FTD CLI and run this command