SNCF — Securing Networks with Firepower — Question 232

An engineer is configuring URL filtering for a Cisco FTD device in Cisco FMC. Users must receive a warning when they access http://www.badadultsite.com with the option of continuing to the website if they choose to. No other websites should be blocked. Which two actions must the engineer take to meet these requirements? (Choose two.)

Answer options

• A. On the HTTP Responses tab of the access control policy editor, set the Interactive Block Response Page to System-provided.
• B. Configure the default action for the access control policy to Interactive Block.
• C. Configure an access control rule that matches an URL object for http://www.badadultsite.com/ and set the action to Interactive Block.
• D. Configure an access control rule that matches the Adult URL category and set the action to Interactive Block.
• E. On the HTTP Responses tab of the access control policy editor, set the Block Response Page to Custom.

Correct answer: A, C

Explanation

The correct answer is A and C because setting the Interactive Block Response Page to System-provided allows users to receive a warning and choose to proceed, and configuring an access control rule for the specific URL http://www.badadultsite.com/ with the Interactive Block action fulfills the requirement of allowing access while warning users. Options B and D are incorrect as they would restrict access rather than provide a warning, and option E does not meet the requirement for an interactive block response.