SNCF — Securing Networks with Firepower — Question 296

An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the rule are showing zero. What is causing this error?

Answer options

• A. An incorrect application signature was used in the rule.
• B. The wrong source interface for Snort was selected in the rule.
• C. The rule was not enabled after being created.
• D. Logging is not enabled for the rule.

Correct answer: A

Explanation

The correct answer is A because using an incorrect application signature would prevent the rule from matching any traffic, resulting in zero hit counts. The other options could potentially cause issues, but they do not directly explain why no hits are recorded; for instance, not enabling the rule would lead to it being inactive, while logging settings wouldn't affect hit counter displays.