SNCF — Securing Networks with Firepower — Question 45

An engineer is setting up a new Firepower deployment and is looking at the default FMC policies to start the implementation. During the initial trial phase, the organization wants to test some common Snort rules while still allowing the majority of network traffic to pass. Which default policy should be used?

Answer options

• A. Balanced Security and Connectivity
• B. Security Over Connectivity
• C. Maximum Detection
• D. Connectivity Over Security

Correct answer: D

Explanation

The 'Connectivity Over Security' policy prioritizes allowing traffic through while still enabling some level of security monitoring, making it ideal for testing scenarios. In contrast, the other options focus more on security, potentially restricting traffic flow which is not suitable during the trial phase when the goal is to analyze Snort rules with minimal disruption.