Cisco Exam 300-730 Topic 3 Question 81 Discussion

Actual exam question for Cisco's 300-730 exam

Question #: 81
Topic #: 3

A network administrator wants to block traffic to a known malware site at https:/www.badsite.com and all subdomains while ensuring no packets from any internal client are sent to that site. Which type of policy must the network administrator use to accomplish this goal?

AAccess Control policy with URL filtering

BPrefilter policy

CDNS policy

DSSL policy
B) Prefilter policy is a type of policy that allows you to perform fast actions on traffic before it reaches the Access Control policy. You can use prefilter rules to drop, fastpath, or trust traffic based on simple criteria, such as IP addresses or ports. However, prefilter rules do not support URL filtering, so you cannot use them to block traffic based on the website domain3.
C) DNS policy is a type of policy that allows you to inspect and modify DNS requests and responses on your network. You can use DNS rules to block, monitor, or sinkhole DNS queries based on the requested domain name or the response IP address. However, DNS policy does not prevent packets from being sent to the malicious site; it only prevents the DNS resolution of the domain name. A client could still access the site if they know the IP address or use an alternative DNS server.
D) SSL policy is a type of policy that allows you to decrypt and inspect encrypted traffic on your network. You can use SSL rules to determine which traffic to decrypt based on various criteria, such as certificate attributes, cipher suites, or URL categories. However, SSL policy does not block traffic; it only decrypts it for further inspection by other policies.

Show Suggested Answer

Suggested Answer: A

The correct answer is A. Access Control policy with URL filtering. An Access Control policy is a type of policy that allows you to control how traffic is handled on your network based on various criteria, such as source and destination IP addresses, ports, protocols, applications, users, and URLs. URL filtering is a feature that enables you to block or allow traffic based on the URL category or reputation of the website. You can create custom URL objects to specify the exact URLs or domains that you want to block or allow. For example, you can create a URL object for https:/www.badsite.com and set it to block. This will prevent any traffic from reaching that site and any subdomains under it12.

by Cecil at Mar 05, 2024, 02:48 AM

Limited Time Offer

25%

Off

Get Premium 300-730 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Valentine

20 days ago

I'm with you guys. Prefilter policy is the clear winner here. Though, I have to say, I'm a little disappointed that the malware site is called 'badsite.com'. That's just so on the nose, you know?

upvoted 0 times

...

Krissy

21 days ago

You know, I was initially leaning towards the DNS policy option, but then I realized that wouldn't actually prevent the clients from accessing the site if they knew the IP address. Prefilter policy is definitely the way to go.

upvoted 0 times

...

Ellsworth

21 days ago

Yeah, I agree with Charolette. Prefilter policy is the way to go here. It's a lot simpler than trying to use a DNS policy or SSL policy, which wouldn't really address the core issue.

upvoted 0 times

...

8 days ago

I agree, B) Prefilter policy is the right choice for blocking traffic to the known malware site and its subdomains.

upvoted 0 times

...