How can FirePOWER block malicious email attachments?
A . It forwards email requests to an external signature engine.
B . It scans inbound email messages for known bad URLs.
C . It sends the traffic through a file policy.
D . It sends an alert to the administrator to verify suspicious email messages.
Answer: C
Explanation:
A file policy is a set of configurations that the system uses to perform advanced malware protection and file control, as part of your overall access control configuration.
A file policy, like its parent access control policy, contains rules that determine how the system handles files that match the conditions of each rule. You can configure separate file rules to take different actions for different file types, application protocols, or directions of transfer.
You can associate a single file policy with an access control rule whose action is Allow, Interactive Block, or Interactive Block with reset. The system then uses that file policy to inspect network traffic that meets the conditions of the access control rule.
Source: http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-userguide/asa-firepower- module-user-guide-v541/AMP-Config.html
Leave a Reply