SNCF — Securing Networks with Firepower — Question 128

An administrator receives reports that users cannot access a cloud-hosted web server. The access control policy was recently updated with several new policy additions and URL filtering. What must be done to troubleshoot the issue and restore access without sacrificing the organization's security posture?

Answer options

• A. Download a PCAP of the traffic attempts to verify the blocks and use the flexconfig objects to create a rule that allows only the required traffic to the destination server.
• B. Identify the blocked traffic in the Cisco FMC connection events to validate the block, and modify the policy to allow the traffic to the web server.
• C. Create a new access control policy rule to allow ports 80 and 443 to the FQDN of the web server.
• D. Verify the blocks using the packet capture tool and create a rule with the action monitor for the traffic.

Correct answer: B

Explanation

Option B is correct because it involves validating the blocked traffic in the Cisco FMC connection events and making necessary policy adjustments to allow access to the web server, which directly addresses the issue reported. Options A and D do not provide a direct solution to modifying the policy effectively, and Option C is too broad, as it doesn't consider the existing policy adjustments or the potential for other blocking factors.