Which Sourcefire secure action should you choose if you want to block only malicious traffic from a particular
end-user?

A.
Allow with inspection

B.
Allow without inspection

C.
Block

D.
Trust

E.
Monitor

Explanation:
BDA file policy is a set of configurations that the system uses to perform advanced malware protection and file
control, as part of your overall access control configuration.
A file policy, like its parent access control policy, contains rules that determine how the system handles files that
match the conditions of each rule. You can configure separate file rules to take different actions for different file
types, application protocols, or directions of transfer.
You can associate a single file policy with an access control rule whose action is Allow, Interactive Block, or
Interactive Block with reset. The system then uses that file policy to inspect network traffic that meets the
conditions of the access control rule.

Source: http://www.cisco.com/c/en/us/td/docs/security/firesight/541/firepower-module-user-guide/asa-firepowermodule-user-guide-v541/AMP-Config.html