Home » Cisco » 300-206 » Which description of the issue is true?

Which description of the issue is true?

06/25/2019 – by Mod_GuideK 5

Refer to the exhibit. The security engineer is troubleshooting internal access to the public DNS server at 209.165.200.226.

Which description of the issue is true?
A. The routes of the Cisco ASA are incorrectly identifying traffic from 10.10.10.1 on the outside interface of the firewall.
B. To accurately test DNS, the packet tracer should be run using packet type UDP and destination port 53.
C. To allow DNS, a rule specifically allowing the DNS access must be added in the rule base.
D. The engineer must verify the NAT rules of the firewall to ensure that correct NATing is taking place.

SHOW ANSWERS

5 thoughts on “Which description of the issue is true?”

Gioda says:

01/04/2020 at 7:43 AM

Packet type “IP” hits both tcp/udp…so I think the only configuration error in the packet tracer’s screnshoot is the Access-List.
Answer: C

Reply
Onehet says:

09/02/2019 at 10:01 AM

I think the right answer is C because packet tracer configuration is bad.

Reply
1. Kamba says:
  
  09/22/2019 at 9:48 AM
  
  +You mean “B” ?:
  
  B. To accurately test DNS, the packet tracer should be run using packet type UDP and destination port 53.
  
  +The screenshot has to be wrong or the answer is wrong you cannot do a packet tracer with protocol IP 53 ….
  
  Reply
  1. luisosa says:
    
    10/23/2019 at 10:30 AM
    
    I think the right answer is B
    
    Reply
2. Mike says:
  
  12/09/2019 at 11:11 AM
  
  “B” is a correct answer.
  
  Reply

5 thoughts on “Which description of the issue is true?”

Leave a Reply Cancel reply