cancel
Showing results for 
Search instead for 
Did you mean: 

Who Me Too'd this topic

Question I am not sure about the proper answer for it

L1 Bithead

Hi everyone 

I am studding to take my PCNSA soon followed with PCNSE 

In my study guide I came a cross question for Tap interface

Which two actions can be done with a Tap interface? (Choosetwo.)

  • encrypt traffic
  • decrypt traffic
  • allow or block traffic
  • log traffic A Tap interface monitors traffic that is connected to a network switch's
    MIRROR/SPAN port. This mirrored traffic is forwarded by a switch port to a firewall’s
    Tap interface and is analyzed for App‐ID, User‐ID, Content‐ID, and other traffic, just like
    any other normal data traffic that would pass through the firewall. Before traffic can be
    logged, a security policy must be configured that includes the Tap zone
    - So i know Tap interface can log the traffic from Switches and  Also know Tap traffic is not managed so it wouldn't be block or allow any traffic and that will leave the other 2 choices Encrypt and decrypt  traffics , I don't think the tap interface encrypt any traffic bc it analyze the traffic for App-ID, User-ID, Content-ID - That's leave me with just decrypt traffic , I know that possible if I applied decryption role ( but is that going to managed as security roles ) since Tap interface must configured with security role that include the tap zone
  • Is the Correct answer for this question is Decrypt traffic and log traffic 
  • Please help me and share why bc I would like to understand more just get the correct answer 
Nedriano
Who Me Too'd this topic