Chapter 18. Traffic Decryption Policy Flashcards

1
Q
  1. An administrator configured an SSL policy and then deployed the policy on a threat defense system right away however, the new configuration does not take any actions on encrypted traffic. Which of the following reasons could be applicable?

A. The default action of the access control policy is set to Network Discovery Only.

B. A file policy was not created and deployed on the threat defense.

C. An SSL policy is not invoked in the access control policy.

D. The SSL decryption license is not applied on the threat defense.

A

C. An SSL policy is not invoked in the access control policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Which of the following statements is true?

A. Decryption of encrypted traffic can impact overall throughput.

B. SSL rules that require the least amount of information to determine the outcome should be placed at the top in order.

C. When positioning the SSL rules, place the Block and Do Not Decrypt actions before the rules that have Decrypt Known Key and Decrypt Resign actions.

D. All of these answers are correct.

A

D. All of these answers are correct.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. To prevent an end user from downloading an executable file from https://example.com, which of the following actions is required?

A. Add an SSL rule for the matching traffic with the Decrypt - Resign action.

B. Add an access control rule for matching traffic with the Allow action.

C. Add a file rule to block the executable file type.

D. All of these answers are correct

A

D. All of these answers are correct.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. Which of the following options is the supported way to block the SSLv2 protocol?

A. In an access control rule, add a rule condition to block port 443 (under the Ports tab).

B. In an access control rule, add a rule condition to block an HTTPS application (under the Applications tab).

C. In an SSL policy, choose the Block action for an SSLv2 session (under the Undecryptable Action tab).

D. In an SSL rule, add a rule condition to block the SSLv2 protocol (under the Version tab).

A

C. In an SSL policy, choose the Block action for an SSLv2 session (under the Undecryptable Action tab).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which of the following views in the GUI display the SSL status and action?

A. The connection events page at Analysis > Connections > Events

B. The file events page at Analysis > Files > File Events

C. The Connection summary dashboard

D. All of these answers are correct.

A

D. All of the views in the GUI display the SSL status and action.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly