SNCF — Securing Networks with Firepower — Question 54

A network administrator is concerned about the high number of malware files affecting users' machines. What must be done within the access control policy in
Cisco FMC to address this concern?

Answer options

• A. Create an intrusion policy and set the access control policy to block
• B. Create an intrusion policy and set the access control policy to allow
• C. Create a file policy and set the access control policy to allow
• D. Create a file policy and set the access control policy to block

Correct answer: C

Explanation

The correct answer is C because creating a file policy that allows specific file types while blocking unwanted ones can effectively reduce the risk of malware. Options A and B focus on intrusion policies, which do not specifically target file types, while option D would block all file types, potentially hindering legitimate traffic.