Cisco Exam 300-730 Topic 13 Question 92 Discussion

Actual exam question for Cisco's 300-730 exam

Question #: 92
Topic #: 13

A network administrator wants to block traffic to a known malware site at https:/www.badsite.com and all subdomains while ensuring no packets from any internal client are sent to that site. Which type of policy must the network administrator use to accomplish this goal?

AAccess Control policy with URL filtering

BPrefilter policy

CDNS policy

DSSL policy
B) Prefilter policy is a type of policy that allows you to perform fast actions on traffic before it reaches the Access Control policy. You can use prefilter rules to drop, fastpath, or trust traffic based on simple criteria, such as IP addresses or ports. However, prefilter rules do not support URL filtering, so you cannot use them to block traffic based on the website domain3.
C) DNS policy is a type of policy that allows you to inspect and modify DNS requests and responses on your network. You can use DNS rules to block, monitor, or sinkhole DNS queries based on the requested domain name or the response IP address. However, DNS policy does not prevent packets from being sent to the malicious site; it only prevents the DNS resolution of the domain name. A client could still access the site if they know the IP address or use an alternative DNS server.
D) SSL policy is a type of policy that allows you to decrypt and inspect encrypted traffic on your network. You can use SSL rules to determine which traffic to decrypt based on various criteria, such as certificate attributes, cipher suites, or URL categories. However, SSL policy does not block traffic; it only decrypts it for further inspection by other policies.

Show Suggested Answer

Suggested Answer: A

The correct answer is A. Access Control policy with URL filtering. An Access Control policy is a type of policy that allows you to control how traffic is handled on your network based on various criteria, such as source and destination IP addresses, ports, protocols, applications, users, and URLs. URL filtering is a feature that enables you to block or allow traffic based on the URL category or reputation of the website. You can create custom URL objects to specify the exact URLs or domains that you want to block or allow. For example, you can create a URL object for https:/www.badsite.com and set it to block. This will prevent any traffic from reaching that site and any subdomains under it12.

by Asuncion at Jul 13, 2024, 07:59 AM

Limited Time Offer

25%

Off

Get Premium 300-730 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Kati

2 months ago

Prefilter policy, definitely. Gotta keep those pesky malware sites out of our network, no matter what!

upvoted 0 times

Nida

1 months ago

Yes, using prefilter policy is the best option to block traffic to known malware sites and prevent any internal client packets from reaching them.

upvoted 0 times

...

Xuan

1 months ago

Prefilter policy, definitely. Gotta keep those pesky malware sites out of our network, no matter what!

upvoted 0 times

...

France

2 months ago

Haha, I almost went with the SSL policy, thinking 'Hey, let's just decrypt the traffic!' But prefilter is the clear winner here.

upvoted 0 times

...

Ernie

2 months ago

Hmm, I was thinking DNS policy, but you're right, prefilter is the way to go. Good one, guys!

upvoted 0 times

Monte

1 months ago

Hmm, I was thinking DNS policy, but you're right, prefilter is the way to go. Good one, guys!

upvoted 0 times

...

Blondell

1 months ago

B) Prefilter policy is a type of policy that allows you to perform fast actions on traffic before it reaches the Access Control policy. You can use prefilter rules to drop, fastpath, or trust traffic based on simple criteria, such as IP addresses or ports. However, prefilter rules do not support URL filtering, so you cannot use them to block traffic based on the website domain.

upvoted 0 times

...