In which case would an ACL be configured to drop traffic?

An Access Control List (ACL) is a set of rules used to control the flow of traffic in a network by allowing or denying specific traffic based on predetermined criteria. Configuring an ACL to drop traffic is often employed as a security measure to prevent unwanted or unrecognized traffic from entering or leaving a network.

When traffic is unrecognized, it may pose a security risk because it could be an attempt to exploit vulnerabilities in the network or carry out unauthorized activities. By configuring the ACL to drop such unrecognized traffic, the network can help protect against potential threats and maintain better control over the types of data that are allowed. This action can be essential in maintaining the integrity of the network and ensuring that only legitimate and expected traffic is processed.

In contrast, the other scenarios would not necessarily lead to dropping traffic. For instance, simply matching any entry could mean allowing desired traffic instead, while intended traffic being detected often signifies that the traffic should be permitted rather than dropped. The logging of all traffic is a different function focused on monitoring and auditing rather than outright dropping traffic.