John works as a network administrator .
According to the exhibit, the only traffic that John would like to allow through the corporate Cisco
ASA adaptive security appliance is inbound HTTP to the DMZ network and all traffic from the
inside network to the outside network. John also has configured the Cisco ASA adaptive security
appliance, and access through it is now working as expected with one exception: contractors
working on the DMZ servers have been surfing the Internet from the DMZ servers, which (unlike
other Company XYZ hosts) are using public, routable IP addresses. Neither NAT statements nor
access lists have been configured for the DMZ interface.
What is the reason that the contractors are able to surf the Internet from the DMZ servers?
(Note: The 192.168.X.XIP addresses are used to represent routable public IP addresses even
though the 192.168.1.0 network is not actually a public routable network.)
A.
An access list on the outside interface permits this traffic.
B.
NAT control is not enabled.
C.
The DMZ servers are using the same global pool of addresses that is being used by the inside
hosts.
D.
HTTP inspection is not enabled.