The correct answer is B. Every policy layer has an implicit cleanup action. When traffic enters an Inline Layer and none of the rules inside that layer match, the layer’s Implicit Cleanup Rule is applied. Option D is not the best answer because the question asks what happens if none of the rules match, and the baseline layer behavior is the implicit cleanup rule; an explicit cleanup rule is an administrator-created final rule and would itself be one of the rules evaluated before falling to the implicit action. Option A is wrong because unmatched traffic is not automatically accepted. Option C is too simplistic because while the default implicit cleanup action is commonly Drop in many layers, the technical mechanism is the Implicit Cleanup Rule. This distinction matters because administrators should add explicit cleanup rules for visibility and logging, but the system still has implicit behavior if they do not. Reference topics: Policy Layers, Inline Layers, Implicit Cleanup Rule, Access Control rulebase evaluation.