Refer to the exhibit.
Which option describes the problem with this botnet traffic filter configuration on the Cisco ASA
appliance?
A.
The traffic classification ACL is not defined.
B.
The use of the dynamic database is not enabled.
C.
DNS snooping is not enabled.
D.
The threat level range for the traffic to be dropped is not defined.
E.
The static black and white list entries should use domain name instead of IP address.
Explanation:
https://supportforums.cisco.com/docs/DOC-8782Prerequisite
The ASA must be running minimum 8.2 code to be able to configure botnet feature.
Botnet license must be installed on the ASA
Limitations Step by Step Configuration
1. Enable DNS client on ASA
2. Enable dynamic traffic filtering (Botnet Traffic Filter).
3. Enable the Botnet Traffic Filter database update.
4. Classify the traffic that will be exempted and subjected.
5. Enable dynamic-filter classification on outside interface
6. Configure a class map and only match dns traffic
7. Enable DNS snooping on the external interface
8. Define local whitelists and/or blacklists if needed.
Never block addresses:
Manual Black List: