Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 126

An organization wants to use Cisco FTD or Cisco ASA devices. Specific URLs must be blocked from being accessed via the firewall, which requires that the administrator input the bad URL categories that the organization wants blocked into the access policy. Which solution should be used to meet this requirement?

Answer options

• A. Cisco FTD because it enables URL filtering and blocks malicious URLs by default, whereas Cisco ASA does not.
• B. Cisco ASA because it enables URL filtering and blocks malicious URLs by default, whereas Cisco FTD does not.
• C. Cisco ASA because it includes URL filtering in the access control policy capabilities, whereas Cisco FTD does not.
• D. Cisco FTD because it includes URL filtering in the access control policy capabilities, whereas Cisco ASA does not.

Correct answer: D

Explanation

The correct answer is D because Cisco FTD provides URL filtering capabilities within its access control policies, allowing for specific URL categories to be blocked. In contrast, Cisco ASA does not have the same level of URL filtering integration in its access control features, making it less suitable for this requirement.