What other configuration is missing?

The ASA administrator wants to configure Botnet Traffic Filter using the dynamic database but it is
not working properly after the initiate configuration has been entered. What other configuration is
missing?

The ASA administrator wants to configure Botnet Traffic Filter using the dynamic database but it is
not working properly after the initiate configuration has been entered. What other configuration is
missing?

A.
Enabling DNS Snooping

B.
Enabling Botnet Traffic Filtering on at least one of the ASA interface

C.
Enabling the ASA to periodically download the dynamic database from Cisco

D.
Enabling DNS inspection globally

E.
Configuring the manual white and black lists

Explanation:

– If the interface is global then DNS inspection is enabled globally.
– If the “DNS Snooping Enabled” box is checked then “DNS Snooping” is enabled.
For answer B. Enabling Botnet Traffic Filtering on at least one of the ASA interface

If any of the boxes are checked then Botnet filtering is enabled on at least one of the
Interfaces.
For answer C. Enabling the ASA to periodically download the dynamic database from Cisco

Check if the “Use Botnet data dynamically downloaded from Update Server” is checked as
shown above.
For answer E. Configuring the manual white and black lists

Verify if White or Black lists are configured.



Leave a Reply 0

Your email address will not be published. Required fields are marked *