A company uses Cisco Firepower Threat Defense (FTD) managed by FMC. They need to create an access control policy that allows traffic from specific source IPs to a web server, but blocks all other traffic. How should the rule base be ordered?
The permit rule matches first for allowed sources; the block rule catches all others.
Why this answer
Access control rules are evaluated in order from top to bottom. The first matching rule is applied. Therefore, the permit rule for the specific source IPs must come before the final block rule.