CORRECT TEXT

CORRECT TEXT

CORRECT TEXT

Answer: See the explanation

Explanation:
Here are step by Step Configuration:

Click “Edit”
Select the “Rule Actions” tab, check HTTP.

** This satisfies part 1 of the question to “Enables HTTP inspection globally on the Cisco ASA”.

Click the configure button next to the right of “HTTP” and click on radio button to the left of “Select
an HTTP inspect map for fine control over inspection”.

Enter “http-inspect-map’ in the name field of the HTTP inspect map.
** This satisfies part 2 of the question to “Create a new Inspect Map named: http-inspect-map.”
Click the “Details” button

In the details window the “Check for protocol violations” is selected and the action “Drop
Connection” is also selected by default.
** This satisfies part 2a of the question to “Enable the dropping of any HTTP connections that
encounter HTTP protocol violations”.
Click the “Inspections tab” in the “Add HTTP Inspect Map” window.

Click “Add”

The default settings of the “Add HTTP Inspect” window are
– Single match
– Match type: Match
– Criterion: Request/Response Content type mismatch
– Actions: Drop Connection
– Log: Enable
** This satisfies part 2b of the question to “Enable the dropping and logging of any HTTP
connections when the content type in the HTTP response does not match one of the MIME types
in the accept field of the HTTP request.
Click “OK”.

Click “OK”

Click “OK”

Click “OK”

Click “Apply”

If the “Preview commands” has been configured on the ASDM preferences the following window
will appear showing the CLI commands that will be applied to the ASA.

Click “Send”

Select File > Exit

Click “Save”

Click “Yes”



Leave a Reply 0

Your email address will not be published. Required fields are marked *

20 − eighteen =