Cisco Certified Internetwork Expert (CCIE) Practice Test

What are two effects of the given configuration on a Cisco ASA regarding botnet filtering? (Choose two)

• A. It enables botnet filtering in multiple context mode
• B. It enables botnet filtering in single context mode
• C. It enables the ASA to download the static botnet filter database
• D. It enables the ASA to download the dynamic botnet filter database

The correct answer is: It enables botnet filtering in multiple context mode

The effect of enabling botnet filtering in multiple context mode on a Cisco ASA is that it allows the device to apply botnet filtering across different security contexts, effectively managing and monitoring traffic for multiple virtual firewalls within a single physical appliance. This capability enhances security by permitting the ASA to identify and block traffic that is attempting to communicate with known botnet servers, protecting all contexts individually without needing separate configurations for each one. While the claim that it enables botnet filtering in multiple context mode is a valid outcome of the configuration, botnet filtering is also available in single context mode, where the entire device operates as a single firewall with no separate contexts, simplifying management in smaller environments or simpler configurations. Thus, both single and multiple context configurations can support botnet filtering, making the choice of enabling this feature in a single context mode equally plausible. The ability to download the static or dynamic botnet filter databases directly relates to the ASA's capacity to update its knowledge base for improved effectiveness in identifying threats. However, unless the configuration clearly indicates that it pertains to either static or dynamic databases, this aspect should be examined separately from the context in which the ASA operates. The dynamic database allows for more immediate updates and responses to emerging threats, while static databases rely on periodic