Which addresses are considered “ambiguous addresses” and are put on the greylist by the Cisco
ASA botnet traffic filter feature?
A.
addresses that are unknown
B.
addresses that are on the greylist identified by the dynamic database
C.
addresses that are blacklisted by the dynamic database but also are identified by the static
whitelist
D.
addresses that are associated with multiple domain names, but not all of these domain names
are on the blacklist
Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/protect_botnet.
html
Botnet Traffic Filter Address Categories
Addresses monitored by the Botnet Traffic Filter include:
•Known malware addresses—These addresses are on the blacklist identified by the dynamic
database and the static blacklist.
•Known allowed addresses—These addresses are on the whitelist. The whitelist is useful when an
address is blacklisted by the dynamic database and also identified by the static whitelist.
•Ambiguous addresses—These addresses are associated with multiple domain names, but not all
of these domain names are on the blacklist. These addresses are on the greylist.
•Unlisted addresses—These addresses are unknown, and not included on any list.