Home » Cisco » 400-251 » Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?

Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?

05/27/2018 – by Mod_GuideK 1

Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?
A. Pass
B. Interactive block
C. Allow
D. Monitor
E. Block
F. Trust

SHOW ANSWERS

One thought on “Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?”

test2019 says:

03/23/2019 at 4:22 PM

should be F:
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212321-clarify-the-firepower-threat-defense-acc.html
If you don’t want to apply any L7 actions at Snort level (e.g. Intrusion Policy, File Policy, Application Detection, URL Filtering, Security Intelligence etc) then it is recommended to use the Trust action in your rule.
If the goal is to allow the packet to traverse through the FTD, there is need to add a rule in ACP. The Action can be either Allow or Trust which depends on the goal (e.g. if you want to apply a L7 inspection you must use Allow action)

Reply

One thought on “Which policy action allows to pass without any further inspection by the intrusion when implementing Cisco Firepower access control policy?”

Leave a Reply Cancel reply