Securing Networks with Cisco Firepower: Adding FTD Device Behind NAT | Exam 300-710-SNCF

Adding New FTD Device to FMC Behind NAT Device | Cisco Firepower Exam Question

Question

An engineer is attempting to add a new FTD device to their FMC behind a NAT device with a NAT ID of ACME001 and a password of Cisco0391521107.

Which command set must be used in order to accomplish this?

Answers


A.

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118596-configure-firesight-00.html

The correct command set to add a new FTD device to an FMC behind a NAT device with NAT ID of ACME001 and a password of Cisco0391521107 is:

C. configure manager add <FMC IP> ACME001 <registration key>

Explanation:

When an FTD device is added to an FMC, the FMC must be able to communicate with the FTD device over HTTPS. However, in a NAT environment, the FTD device's IP address is not reachable from the FMC, so the FTD device must initiate communication to the FMC.

To accomplish this, the FTD device needs to know the IP address and NAT ID of the FMC, as well as a registration key that is shared between the FTD device and the FMC. The registration key is used to authenticate the FTD device to the FMC.

The correct syntax for the configure manager add command in this scenario is:

configure manager add <FMC IP> ACME001 <registration key>

Where:

  • <FMC IP> is the IP address of the FMC.
  • ACME001 is the NAT ID of the FMC.
  • <registration key> is the registration key that is shared between the FTD device and the FMC.

Option A (configure manager add <FMC IP> <registration key> ACME001) is incorrect because it swaps the positions of the NAT ID and registration key parameters.

Option B (configure manager add ACME001 <registration key> <FMC IP>) is incorrect because it also swaps the positions of the NAT ID and registration key parameters, and it omits the "less than" and "greater than" symbols around the NAT ID parameter.

Option D (configure manager add DONTRESOLVE <FMC IP> AMCE001 <registration key>) is incorrect because it misspells "ACME001" and it includes the optional DONTRESOLVE keyword, which is not necessary in this scenario.