A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SET Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.
What is the most likely reason?
A . The server is in the IPS policy excluded hosts list.
B . The block rule is below the blue line.
C . Peer-to-peer authentication is allowing the traffic.
D . The server has an IPS exception for that traffic.
Answer: A
Leave a Reply