Click the Exhibit button. You have just committed the new IDP policy shown in the exhibit.
However, you notice no action is taken on traffic matching the R4 IDP rule. Which two
actions will resolve the problem? (Choose two.)
A.
Change the IPS rulebase to an exempt rulebase.
B.
Delete the terminal statement from the R3 rule.
C.
Change the R4 rule to match on a predefined attack group.
D.
Insert the R4 rule above the R3 rule.
B and D
0
0
agree with you
0
0
B D
0
0
Agree, but some more context, because context is delicious:
Use caution when defining terminal rules. An inappropriate terminal rule can leave your network open to attacks. Remember that traffic matching the source, destination, and application of a terminal rule is not compared to subsequent rules, even if the traffic does not match an attack object in the terminal rule. Use a terminal rule only when you want to examine a certain type of traffic for one specific set of attack objects. Be particularly careful about terminal rules that use any for both the source and destination. Terminal rules should appear near the top of the rulebase before other rules that would match the same traffic.
0
0