The ASA administrator wants to configure Botnet Traffic Filter using the dynamic database but it is
not working properly after the initiate configuration has been entered. What other configuration is
missing?
A.
Enabling DNS Snooping
B.
Enabling Botnet Traffic Filtering on at least one of the ASA interface
C.
Enabling the ASA to periodically download the dynamic database from Cisco
D.
Enabling DNS inspection globally
E.
Configuring the manual white and black lists
Explanation:
– If the interface is global then DNS inspection is enabled globally.
– If the “DNS Snooping Enabled” box is checked then “DNS Snooping” is enabled.
For answer B. Enabling Botnet Traffic Filtering on at least one of the ASA interface
If any of the boxes are checked then Botnet filtering is enabled on at least one of the
Interfaces.
For answer C. Enabling the ASA to periodically download the dynamic database from Cisco
Check if the “Use Botnet data dynamically downloaded from Update Server” is checked as
shown above.
For answer E. Configuring the manual white and black lists
Verify if White or Black lists are configured.
