Which firepower preprocessor block traffic based on IP?
A.
Signature-Based
B.
Policy-Based
C.
Anomaly-Based
D.
Reputation-Based
Explanation:
Access control rules within access control policies exert granular control over network traffic
logging and handling. Reputation-based conditions in access control rules allow you to
manage which traffic can traverse your network, by contextualizing your network traffic and
limiting it where appropriate. Access control rules govern the following types of reputationbased control:
+ Application conditions allow you to perform application control, which controls application
traffic based on not only individual applications, but also applications’ basic characteristics:
type, risk, business relevance, categories, and tags.
+ URL conditions allow you to perform URL filtering, which controls web traffic based on
individual websites, as well as websites’ system-assigned category and reputation.
The ASA FirePOWER module can perform other types of reputation-based control, but you
do not configure these using access control rules. For more information, see:
+ Blacklisting Using Security Intelligence IP Address Reputation explains how to limit traffic
based on the reputation of a connection’s origin or destination as a first line of defense.
+ Tuning Intrusion Prevention Performance explains how to detect, track, store, analyze, and
block the transmission of malware and other types of prohibited files.
http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asafirepower-module-user-guide-v541/AC-Rules-App-URL-Reputation.html