A network administrator wants to configure a default policy to block malicious sites based on the requested URL lookup. Which feature meets the requirement?
Grok Ai:
DNS Policy is generally the better choice for a default policy to block malicious sites based on URL lookups if:
Your primary goal is to stop known malicious domains efficiently.
You’re dealing with a high volume of encrypted traffic and don’t want to implement SSL decryption.
You want a lightweight, proactive solution integrated with Security Intelligence feeds.
URL Filter Policy is preferable if:
You need to block specific malicious URLs rather than entire domains.
You’re willing to configure SSL decryption or rely on SNI for HTTPS traffic.
You want to leverage reputation-based filtering and category controls for more nuanced policy enforcement.
DNS-based Security Intelligence allows you to block traffic based on the domain name requested by a client,
using a Security Intelligence Block list. Cisco provides domain name intelligence you can use to filter your
traffic; you can also configure custom lists and feeds of domain names tailored to your deployment.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.300-710 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
d0980cc
4 weeks agojcjcjcjcjc
2 months ago