Hi everyone
I am studding to take my PCNSA soon followed with PCNSE
In my study guide I came a cross question for Tap interface
Which two actions can be done with a Tap interface? (Choosetwo.)
- encrypt traffic
- decrypt traffic
- allow or block traffic
- log traffic A Tap interface monitors traffic that is connected to a network switch's
MIRROR/SPAN port. This mirrored traffic is forwarded by a switch port to a firewall’s
Tap interface and is analyzed for App‐ID, User‐ID, Content‐ID, and other traffic, just like
any other normal data traffic that would pass through the firewall. Before traffic can be
logged, a security policy must be configured that includes the Tap zone- So i know Tap interface can log the traffic from Switches and Also know Tap traffic is not managed so it wouldn't be block or allow any traffic and that will leave the other 2 choices Encrypt and decrypt traffics , I don't think the tap interface encrypt any traffic bc it analyze the traffic for App-ID, User-ID, Content-ID - That's leave me with just decrypt traffic , I know that possible if I applied decryption role ( but is that going to managed as security roles ) since Tap interface must configured with security role that include the tap zone - Is the Correct answer for this question is Decrypt traffic and log traffic
- Please help me and share why bc I would like to understand more just get the correct answer
Nedriano
