Which Cisco Firepower rule action displays an HTTP warning page?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/AC-Rules-Tuning-Overview.html#76698The correct answer to this question is C. Interactive Block.
The Cisco Firepower Threat Defense (FTD) is a next-generation firewall that provides advanced security features such as intrusion prevention, malware protection, and URL filtering. One of the key features of the FTD is its ability to define rules that determine how it should handle different types of network traffic.
When a packet matches a rule, the FTD takes an action based on the configured rule action. The four available actions are Monitor, Block, Interactive Block, and Allow with Warning.
Monitor: This action logs the packet and allows it to pass through the firewall.
Block: This action drops the packet and sends a TCP reset to the source host, indicating that the connection has been terminated.
Interactive Block: This action blocks the packet and displays a customizable HTTP warning page to the user, informing them that the requested content has been blocked.
Allow with Warning: This action allows the packet to pass through the firewall, but generates a log message and can send an email notification to the administrator to alert them of the potential security risk.
In summary, the correct answer to the question is C. Interactive Block, because it is the rule action that displays an HTTP warning page to the user when a packet is blocked.