Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?
A. Pass
B. Interactive block
C. Allow
D. Monitor
E. Block
F. Trust
Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?
A. Pass
B. Interactive block
C. Allow
D. Monitor
E. Block
F. Trust
should be F:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212321-clarify-the-firepower-threat-defense-acc.html
If you don’t want to apply any L7 actions at Snort level (e.g. Intrusion Policy, File Policy, Application Detection, URL Filtering, Security Intelligence etc) then it is recommended to use the Trust action in your rule.
If the goal is to allow the packet to traverse through the FTD, there is need to add a rule in ACP. The Action can be either Allow or Trust which depends on the goal (e.g. if you want to apply a L7 inspection you must use Allow action)