FCSS – Enterprise Firewall Administrator 7.4 — Question 34

During the maintenance window, an administrator must sniff all the traffic going through a specific firewall policy, which is handled by NP6 interfaces. The output of the sniffer trace provides just a few packets.
Why is the output of sniffer trace limited?

Answer options

• A. The traffic corresponding to the firewall policy is encrypted.
• B. auto-asic-off load is set to enable in the firewall policy,
• C. inspection-mode is set to proxy in the firewall policy.
• D. The option npudbg is not added in the diagnose sniff packet command.

Correct answer: B

Explanation

The correct answer is B because when auto-asic-off load is enabled in the firewall policy, it prevents the traffic from being processed by the NP6 interfaces, leading to limited visibility in the sniffer output. Option A is incorrect because even if traffic is encrypted, it would still be visible in sniffer traces, albeit in an unreadable format. Option C is also incorrect as setting the inspection mode to proxy does not restrict the traffic being captured. Option D is not the correct reason because while npudbg might provide more detailed output, it does not directly limit the number of packets captured.