Which Sourcefire event action should you choose if you want to block only malicious traffic from a particular end user?
A. Allow without inspection
B. Block
C. Allow with inspection
D. Trust
E. Monitor
Which Sourcefire event action should you choose if you want to block only malicious traffic from a particular end user?
A. Allow without inspection
B. Block
C. Allow with inspection
D. Trust
E. Monitor
wouldn’t it be B? why C
B would block all traffic but we want to block only malicious traffic.