SNCF — Securing Networks with Firepower — Question 55

An engineer is building a new access control policy using Cisco FMC. The policy must inspect a unique IPS policy as well as log rule matching. Which action must be taken to meet these requirements?

Answer options

• A. Configure an IPS policy and enable per-rule logging
• B. Disable the default IPS policy and enable global logging
• C. Configure an IPS policy and enable global logging
• D. Disable the default IPS policy and enable per-rule logging

Correct answer: A

Explanation

The correct choice is A because configuring an IPS policy with per-rule logging ensures that each rule is logged individually, which meets the requirement for logging rule matches. Option B is incorrect as disabling the default IPS policy does not satisfy the need for a unique IPS policy. Option C, while configuring an IPS policy, does not provide the necessary per-rule logging, and option D, like B, disables the default IPS policy, which is not needed for this scenario.