Which configuration enables blocking access to multiple URLs for security purposes using policy and responder rules?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master Citrix ADC13 with Citrix Gateway 1Y0-231 Test. Use flashcards and multiple choice questions with hints. Prepare thoroughly for your exam!

Multiple Choice

Which configuration enables blocking access to multiple URLs for security purposes using policy and responder rules?

Explanation:
Blocking access to multiple URLs at the DNS layer is achieved by combining a policy pattern set with a DNS responder rule that overrides DNS responses. You define a patset that lists the bad URLs, then create a responder policy that checks DNS questions against that patset using DNS.REQ.QUESTION.DOMAIN.CONTAINS_ANY and takes an action to terminate the query, such as RESET. Binding this responder policy globally ensures every DNS request is evaluated, so any query containing a bad URL is immediately blocked before it reaches the target site. The reason this configuration is the best fit is that it explicitly uses DNS_REQ_OVERRIDE to intercept and override DNS responses based on a list of disallowed domains, and it applies globally with a concrete action that reliably terminates the query. The other options either use a different action (which may not terminate the DNS flow consistently), omit the global binding, or lack the necessary responder policy, so they wouldn’t block all undesired URLs as effectively.

Blocking access to multiple URLs at the DNS layer is achieved by combining a policy pattern set with a DNS responder rule that overrides DNS responses. You define a patset that lists the bad URLs, then create a responder policy that checks DNS questions against that patset using DNS.REQ.QUESTION.DOMAIN.CONTAINS_ANY and takes an action to terminate the query, such as RESET. Binding this responder policy globally ensures every DNS request is evaluated, so any query containing a bad URL is immediately blocked before it reaches the target site.

The reason this configuration is the best fit is that it explicitly uses DNS_REQ_OVERRIDE to intercept and override DNS responses based on a list of disallowed domains, and it applies globally with a concrete action that reliably terminates the query. The other options either use a different action (which may not terminate the DNS flow consistently), omit the global binding, or lack the necessary responder policy, so they wouldn’t block all undesired URLs as effectively.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy