Cisco
300-710 · Question #152
300-710 Question #152: Real Exam Question with Answer & Explanation
Sign in or unlock 300-710 to reveal the answer and full explanation for question #152. The question stem and answer options stay visible for context.
Management and Troubleshooting
Question
A VPN user is unable to conned lo web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS responses are not getting through the Cisco FTD. What must be done to address this issue while still utilizing Snort IPS rules?
Options
- AUncheck the "Drop when Inline" box in the intrusion policy to allow the traffic.
- BModify the Snort rules to allow legitimate DNS traffic to the VPN users.
- CDisable the intrusion rule threshes to optimize the Snort processing.
- DDecrypt the packet after the VPN flow so the DNS queries are not inspected
Unlock 300-710 to see the answer
You've previewed enough free 300-710 questions. Unlock 300-710 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#FTD#Snort IPS#DNS Troubleshooting#Intrusion Policy