350-701 · Question #336
Refer to the exhibit. How does Cisco Umbrella manage traffic that is directed toward risky domains?
The correct answer is C. Traffic is managed by the security settings and blocked.. Cisco Umbrella manages traffic to risky domains by blocking it based on security settings, preventing access to malicious or unwanted sites.
Question
Refer to the exhibit. How does Cisco Umbrella manage traffic that is directed toward risky domains?
Exhibit
Options
- ATraffic is managed by the application settings, unhandled and allowed
- BTraffic is allowed but logged
- CTraffic is managed by the security settings and blocked.
- DTraffic is proxied through the intelligent proxy
How the community answered
(56 responses)- A5% (3)
- B2% (1)
- C91% (51)
- D2% (1)
Why each option
Cisco Umbrella manages traffic to risky domains by blocking it based on security settings, preventing access to malicious or unwanted sites.
Umbrella's primary function for risky domains is to block, not allow, and 'unhandled' doesn't fit its active protective role.
Allowing traffic to risky domains, even if logged, would compromise security, which is contrary to Umbrella's purpose.
When Cisco Umbrella identifies traffic directed towards a risky domain (e.g., malware, phishing, command-and-control), its security settings are configured to block access to such destinations. This protective action prevents users from connecting to known malicious infrastructure, thereby safeguarding the network from threats.
While Umbrella does have an intelligent proxy, it's typically used for uncategorized or suspicious domains for deeper inspection, not for outright blocking of known risky domains which are usually blocked at the DNS layer.
Concept tested: Cisco Umbrella security action for risky domains
Source: https://docs.umbrella.com/umbrella-user-guide/docs/about-security-settings
Topics
Community Discussion
No community discussion yet for this question.
