Cisco
300-415 · Question #134
300-415 Question #134: Real Exam Question with Answer & Explanation
The correct answer is A: Local domain bypass. Local domain bypass is the feature that ensures internally hosted applications remain reachable when a DNS security policy is active by preventing internal DNS queries from being redirected to the cloud security service.
Security and Quality of Service
Question
Which feature allows reachability to an organization's internally hosted application for an active DNS security policy on a device?
Options
- ALocal domain bypass
- BDHCP option 6
- CDNSCrypt configurator
- Ddata pokey with redirect
Explanation
Local domain bypass is the feature that ensures internally hosted applications remain reachable when a DNS security policy is active by preventing internal DNS queries from being redirected to the cloud security service.
Common mistakes.
- B. DHCP option 6 is used to provide DNS server IP addresses to clients, but it does not directly manage bypassing an active DNS security policy for internal applications.
- C. DNSCrypt configurator is a tool or feature for encrypting DNS traffic between the client and resolver, which is unrelated to bypassing a security policy for local domains.
- D. 'data pokey with redirect' is not a standard or recognized feature in the context of DNS security policies or Cisco SD-WAN.
Concept tested. DNS security local domain bypass
Topics
#DNS Security#Policy Bypass#Internal DNS#SD-WAN Security
Community Discussion
No community discussion yet for this question.