Cisco
300-710 · Question #287
300-710 Question #287: Real Exam Question with Answer & Explanation
The correct answer is D: Trust All Traffic. In a Cisco FTD Access Control Policy, the "Trust All Traffic" default action allows all traffic, including that from undefined applications, to pass without Snort inspection.
Configuration
Question
Which default action setting in a Cisco FTD Access Control Policy allows all traffic from an undefined application to pass without Snort inspection?
Options
- A. Network Discovery Only
- B. Inherit from Base Policy
- C. Intrusion Prevention
- D. Trust All Traffic
Explanation
In a Cisco FTD Access Control Policy, the "Trust All Traffic" default action allows all traffic, including that from undefined applications, to pass without Snort inspection.
Common mistakes.
- A. Network Discovery Only would allow traffic to pass but would still perform network discovery, not necessarily bypassing all Snort inspection, and it's not a common default action for simply allowing traffic without inspection.
- B. Inherit from Base Policy implies the action is determined by a parent policy, which doesn't directly define the behavior for "undefined application" traffic.
- C. Intrusion Prevention explicitly enables Snort inspection, which is the opposite of the requirement to pass traffic without Snort inspection.
Concept tested. FTD Access Control Policy default actions and Snort inspection
Topics
#Cisco FTD, #Access Control Policy, #Default Action, #Snort Inspection