A device on your internal network is hard-coded with two DNS server on the Internet (1.1.1.53, 2.2.2.53).
However, you want to send all requests to your OpenDNS server (208.67.222.222).
Which set of commands do you run on the ASA to achieve this goal?
A . Static (inside, outside) source any 1.1.1.53destination 208.61 222.222 eq domain
Static (inside, outside) source any 2.2.2.53 destination 208.67.222.222 eq domain
B . Static (inside, outside) source any 208.67.222.222 destination 1.1.1.53 eq domain
Static (inside, outside) source any 208.67.222.222 destination 2.2.2.53 eq domain
C . Static (inside, outside) source any destination 208.67.222.222 eq domain
D . Static (outside, inside) source any 208.67.222 222 destination 1.1.1.56 eq domain
Static (outside, inside) source any 208.67.222.222 destination 2.2.2.53 eq domain
E . Net (inside, outside) source any 1. 1.1.53 destination 208.67.222 222 eq domain
Nat (inside, outside) source any 2.2.2.53 destination 208.67.222 222 eq domain
F . Object network OpenDNS
Host 208.67.222.222
!
Object network Rogue1-DNS
Host 1.1.1.53
Object network Rogue2-DNS
Host 2.2.2.53
!
Object-group network Rogue-DNS
Network-object object Rogue1-DNS
Network-object object Rogue2-DNS
!
object service udp-DNS
Service udp destination eq domain
!
object service tcp-DNS
Service tcp destination eq domain
!
nat(inside, outside) source static any interface destination static Rogue-DNS OpenDNS service udp-DNS udp-DNS
nat(inside, outside) source static any interface destination static Rogue-DNS OpenDNS service tcp-DNS tcp-DNS
G . nat (inside, outside) source static any interface destination static Rogue-DNS OpenDNS service udp-DNS udp-DNs
nat (inside, outside) source static any interface destination static Rogue-DNS OpenDNS service udp-DNS udp-DNS
H . object network OpenDNS
host 1.1.1.53
object network Rogue1-DNS
host 2.2.2.53
!
Object-group network rogue1-DNS
Network-object object Rogue1-DNS
Network-object object Rogue2-DNS
!
Object service udp-DNS
Service udp destination eq domain
!
Object service tcp-DNS
Service tcp destination eq domain
!
Nat (inside, outside) source static any interface destination static OpenDNS Rogue-DNS service udp-DNS udp-DNS
Nat (inside, outside) source static any interface destination static OpenDNS Rogue-DNS service tcp-DNS tcp-DNS
Answer: F
Leave a Reply