NSE 8 – Network Security Expert — Question 4

You verified that application control is working from previous configured categories. You just added Skype on blocked signatures. However, after applying the profile to your firewall policy, clients running Skype can still connect and use the application.
What are two causes of this problem? (Choose two.)

Answer options

• A. The application control database is not updated.
• B. SSL inspection is not enabled.
• C. A client on the network was already connected to the Skype network and serves as relay prior to configuration changes to block Skype
• D. The FakeSkype.botnet signature is included on your application control sensor.

Correct answer: A, B

Explanation

The correct answers are A and B because if the application control database is outdated, it may not recognize the latest signatures for blocking Skype. Additionally, if SSL inspection is not enabled, the firewall cannot inspect encrypted Skype traffic, allowing it to pass through unaffected. Answers C and D are less relevant because a previously connected client would not bypass a well-configured blocking setup, and the presence of a botnet signature would not facilitate normal Skype usage.