Which statement about Cisco ASA botnet filtering is true?
A. BTF takes the MD5 value and compares it against the dynamic database
B. BTF checks if the domain name in a DNS reply matches a name in the BTF database
C. BTF can rate-limit traffic to known botnet addresses
D. BTF redirects DNS queries to a BTF server for further analysis
I think yes B is the correct answer
https://www.cisco.com/c/en/us/td/docs/security/asa/special/botnet/guide/asa-botnet.html