300-710 Question #135: Real Exam Question with Answer & Explanation

Question

A network administrator is concerned about the high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address this concern?

Options

• ACreate an intrusion policy and set the access control policy to block.
• BCreate an intrusion policy and set the access control policy to allow.
• CCreate a file policy and set the access control policy to allow.
• DCreate a file policy and set the access control policy to block.

Explanation

{"question_number": 5, "question": "A network administrator is concerned about the high number of malware files affecting users' machines. What must be done within the access control policy in Cisco FMC to address this concern?", "correct_answer": "C", "explanation": "To detect and act on malware files traversing the network, a File Policy must be created in Cisco FMC - not an intrusion policy. A file policy defines rules for inspecting file types, performing malware cloud lookups (via AMP), and optionally blocking malicious files. The access control rule containing the file policy must be set to 'Allow' (not Block) so that the traffic actually reaches the file inspection engine. If the rule action is 'Block', traffic is dropped immediately at the access control layer before the file policy ever gets to inspect it. An intrusion policy targets exploit signatures and network-based attacks, not file-based malware lookups.", "generated_by": "claude-sonnet", "llm_judge_score": 4}

No community discussion yet for this question.