A VPN user is unable to connect to web resources behind the Cisco FTD device terminating the connection. While troubleshooting, the network administrator determines that the DNS responses are not getting through the Cisco FTD. What must be done to address this issue while still utilizing Snort IPS rules?
A) Uncheck the "Drop when Inline" box in the intrusion policy to allow the traffic
B) Modify the Snort rules to allow legitimate DNS traffic to the VPN users
C) Disable the intrusion rule thresholds to optimize the Snort processing
D) Decrypt the packet after the VPN flow so the DNS queries are not inspected
Correct Answer:
Verified