Cisco Exam 300-730 Topic 6 Question 77 Discussion

Actual exam question for Cisco's 300-730 exam

Question #: 77
Topic #: 6

A network administrator wants to block traffic to a known malware site at https:/www.badsite.com and all subdomains while ensuring no packets from any internal client are sent to that site. Which type of policy must the network administrator use to accomplish this goal?

AAccess Control policy with URL filtering

BPrefilter policy

CDNS policy

DSSL policy
B) Prefilter policy is a type of policy that allows you to perform fast actions on traffic before it reaches the Access Control policy. You can use prefilter rules to drop, fastpath, or trust traffic based on simple criteria, such as IP addresses or ports. However, prefilter rules do not support URL filtering, so you cannot use them to block traffic based on the website domain3.
C) DNS policy is a type of policy that allows you to inspect and modify DNS requests and responses on your network. You can use DNS rules to block, monitor, or sinkhole DNS queries based on the requested domain name or the response IP address. However, DNS policy does not prevent packets from being sent to the malicious site; it only prevents the DNS resolution of the domain name. A client could still access the site if they know the IP address or use an alternative DNS server.
D) SSL policy is a type of policy that allows you to decrypt and inspect encrypted traffic on your network. You can use SSL rules to determine which traffic to decrypt based on various criteria, such as certificate attributes, cipher suites, or URL categories. However, SSL policy does not block traffic; it only decrypts it for further inspection by other policies.

Show Suggested Answer

Suggested Answer: A

The correct answer is A. Access Control policy with URL filtering. An Access Control policy is a type of policy that allows you to control how traffic is handled on your network based on various criteria, such as source and destination IP addresses, ports, protocols, applications, users, and URLs. URL filtering is a feature that enables you to block or allow traffic based on the URL category or reputation of the website. You can create custom URL objects to specify the exact URLs or domains that you want to block or allow. For example, you can create a URL object for https:/www.badsite.com and set it to block. This will prevent any traffic from reaching that site and any subdomains under it12.

by Rickie at Dec 08, 2023, 08:23 PM

Limited Time Offer

25%

Off

Get Premium 300-730 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Billye

10 days ago

Ah, good catch Jettie. The question specifically says the admin wants to block the site and all its subdomains, so the URL filtering capability of the Access Control policy would be the way to go.

upvoted 0 times

...

Jettie

11 days ago

I'm not so sure about the Prefilter policy. Doesn't it say that it doesn't support URL filtering? I think the Access Control policy with URL filtering might be a better option here.

upvoted 0 times

...

Sherman

12 days ago

Haha, good one Joanne! But yeah, I think the Access Control policy with URL filtering is the way to go here. Seems like the most direct and effective solution to the problem.

upvoted 0 times

...

Joanne

13 days ago

You know, if I were taking this exam, I'd be tempted to choose the DNS policy just to see the proctor's reaction. 'Sorry, I couldn't access the malware site because my DNS was broken.' *chuckles*

upvoted 0 times

...