A network administrator notices that web-browsing traffic is being classified as 'incomplete' in the App-ID table. What is the most likely cause?
Without SSL decryption, encrypted traffic cannot be fully inspected, leading to 'incomplete' App-ID.
Why this answer
Option D is correct because SSL decryption is required to inspect encrypted traffic for App-ID to identify applications beyond the SSL protocol itself. Without decryption, the traffic may remain as 'incomplete' if the payload is encrypted. Option A is wrong because App-ID updates do not affect classification of encrypted traffic without decryption.
Option B is wrong because policy configuration does not cause incomplete classification. Option C is wrong because asymmetric routing can cause incomplete, but it is less common than lack of decryption in this scenario.