A web security appliance is inspecting inbound traffic. In which sequence is inbound https traffic inspected?
A. Routing Policy > Decryption Policy > Access Policy
B. Access Policy > Decryption Policy > Routing Policy
C. Routing Policy > Access Policy > Decryption Policy
D. Decryption Policy > Access Policy > Routing Policy
E. Decryption Policy > Routing Policy > Access Policy
F. Access Policy > Routing Policy > Decryption Policy
I guess it does not make any sense decrypting the traffic before checking if it is a valid connection. It saves a lot of resources if the access policy is checked first. Thus, B.
D?
Decrypt
The appliance allows the connection, but inspects the traffic content. It decrypts the traffic and applies Access Policies to the decrypted traffic as if it were a plaintext HTTP connection. By decrypting the connection and applying Access Policies, you can scan the traffic for malware.