What is the primary role of Advanced DNS Security in protecting against DNS-based threats?

When a firewall acts as an application-level gateway (ALG), what does it require in order to establish a connection?

In which mode should an ION device be configured at a newly acquired site to allow site traffic to be audited without steering traffic?

A company has an ongoing initiative to monitor and control IT-sanctioned SaaS applications. To be successful, it will require configuration of decryption policies, along with data filtering and URL Filtering Profiles used in Security policies.

Based on the need to decrypt SaaS applications, which two steps are appropriate to ensure success? (Choose two.)

A firewall administrator wants to segment the network traffic and prevent noncritical assets from being able to access critical assets on the network.

Which action should the administrator take to ensure the critical assets are in a separate zone from the noncritical assets?