300-710 Question #112: Real Exam Question with Answer & Explanation

Question

Refer to the exhibit. An organization has an access control rule with the intention of sending all social media traffic for inspection. After using the rule for some time, the administrator notices that the traffic is not being inspected, but is being automatically allowed. What must be done to address this issue?

Options

• AModify the selected application within the rule
• BChange the intrusion policy to connectivity over security.
• CModify the rule action from trust to allow
• DAdd the social network URLs to the block list

Explanation

{"question_number": 10, "correct_answer": "C", "explanation": "In Cisco FMC Access Control Policy, the rule action determines how matching traffic is handled. The 'Trust' action instructs the FTD to immediately allow traffic without subjecting it to any further inspection, including intrusion policy, file policy, or malware analysis - hence why traffic appears to be 'automatically allowed' and not inspected. To have social media traffic sent for inspection, the rule action must be changed from 'Trust' to 'Allow'. The 'Allow' action passes traffic to any configured intrusion or file inspection policies associated with that rule. Option A (modifying the application) would change what traffic is matched, not how it's inspected. Option B (changing to connectivity over security) adjusts inspection sensitivity but doesn't fix the core issue. Option D (blocking URLs) is the opposite of the intended goal.", "generated_by": "claude-sonnet", "llm_judge_score": 4}

No community discussion yet for this question.