Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 360

An organization must add new firewalls to its infrastructure and wants to use Cisco ASA or Cisco FTD. The chosen firewalls must provide methods of blocking traffic that include offering the user the option to bypass the block for certain sites after displaying a warning page and to reset the connection. Which solution should the organization choose?

Answer options

• A. Cisco FTD because it enables interactive blocking and blocking with reset natively, whereas Cisco ASA does not.
• B. Cisco ASA because it has an additional module that can be installed to provide multiple blocking capabilities, whereas Cisco FTD does not.
• C. Cisco ASA because it allows for interactive blocking and blocking with reset to be configured via the GUI, whereas FTD does not.
• D. Cisco FTD because it supports system rate level traffic blocking, whereas Cisco ASA does not.

Correct answer: A

Explanation

The correct choice is A, as Cisco FTD has built-in features for interactive blocking and resetting connections, which are essential for the organization's requirements. Options B and C incorrectly suggest that ASA can match these capabilities, but they cannot natively offer the same level of interaction as FTD. Option D is irrelevant to the specific needs outlined in the question.