Which firepower preprocessor block traffic based on IP?
A . Signature-Based
B . Policy-Based
C . Anomaly-Based
D . Reputation-Based
Answer: D
Explanation:
Access control rules within access control policies exert granular control over network traffic logging and handling. Reputation-based conditions in access control rules allow you to manage which traffic can traverse your network, by contextualizing your network traffic and limiting it where appropriate.
Access control rules govern the following types of reputation-based control:
+ Application conditions allow you to perform application control, which controls application traffic based on not only individual applications, but also applications’ basic characteristics: type, risk, business relevance, categories, and tags.
+ URL conditions allow you to perform URL filtering, which controls web traffic based on individual websites, as well as websites’ system-assigned category and reputation. The ASA FirePOWER module can perform other types of reputation-based control, but you do not configure these using access control rules. For more information, see:
+ Blacklisting Using Security Intelligence IP Address Reputation explains how to limit traffic based on the reputation of a connection’s origin or destination as a first line of defense.
+ Tuning Intrusion Prevention Performance explains how to detect, track, store, analyze, and block the transmission of malware and other types of prohibited files.
Source: http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-userguide/asa-firepower- module-user-guide-v541/AC-Rules-App-URL-Reputation.html
Leave a Reply