Implementing Cisco Network Security (IINS v3.0) (#139)

Which Sourcefire event action should you choose if you want to block only malicious traffic from a particular end user?

Allow with inspection
Allow without inspection
Block
Trust
Monitor