On the basis of the following information. Applying the HTTP inspection map named
MY_HTTP_MAP to the outside interface of the security appliance. Because of this configuration,
which action will be taken by the security appliance on HTTP traffic entering its outside interface?
NOTE: The CLI version of this configuration is provided here.
regex URL_ABC “.+abc\.com”
regex URL_DEF “.+def\.com”
regex URL_XYZ “.+xyz\.com”
. . .
class-map OUTSIDE_CLASS
match any
class-map type regex match-any URLs
match regex URL_ABC
match regex URL_XYZ
class-map type inspect http match-all
RESTRICTED_HTTP
match request body length gt 1000
match not request uri regex class URLs
. . .
policy-map type inspect http MY_HTTP_MAP
parameters
protocol-violation action drop-connection
class RESTRICTED_HTTP
drop-connection
policy-map OUTSIDE_POLICY
class OUTSIDE_CLASS
inspect http MY_HTTP_MAP
. . .
service-policy OUTSIDE_POLICY interface outside
A.
drops any HTTP request that is destined for xyz.com or has a header length greater than 1000
bytes
B.
drops any HTTP request for def.com that has a body length greater than 1000 bytes
C.
drops any HTTP packet that is destined for def.com and has a header length greater than 1000
bytes
D.
drops any HTTP packet that is destined for abc.com or has a body length greater than 1000
bytes