An engineer is building a new access control policy using Cisco FMC.
The policy must inspect a unique IPS policy as well as log rule matching.
Which action must be taken to meet these requirements?
The correct answer is A. Configure an IPS policy and enable per-rule logging.
Here's why:
Cisco Firepower Management Center (FMC) is a security management solution that provides unified management of firewalls, intrusion prevention systems (IPS), and other security technologies. Access control policies in FMC are used to determine what traffic is allowed or blocked on a network. These policies are made up of rules that specify conditions for matching traffic and actions to take for that traffic.
In this scenario, the engineer needs to build an access control policy that inspects traffic with a unique IPS policy and logs rule matching. This means that the policy must use an IPS policy that is different from the default policy and must log rule matching.
Option A is the correct answer because it involves configuring a unique IPS policy and enabling per-rule logging. Per-rule logging enables logging of each rule that is matched, allowing for more granular visibility into the traffic that is being allowed or blocked. This is useful for troubleshooting and forensic purposes.
Option B is incorrect because disabling the default IPS policy and enabling global logging would not meet the requirement for a unique IPS policy. Global logging logs all traffic that is processed by the system, regardless of whether it matches a rule or not.
Option C is incorrect because enabling global logging would not provide the granular visibility into rule matching that is required. Additionally, it would log all traffic, which could result in a large amount of unnecessary data.
Option D is incorrect because disabling the default IPS policy would not meet the requirement for a unique IPS policy. Enabling per-rule logging would provide the required visibility into rule matching, but without a unique IPS policy, the policy would not be inspecting the desired traffic.