To log the full URL for traffic matching a specific rule in the Access Control policy, the "Extended Log" track option must be selected for that rule. This is a per-rule setting configured in the "Track" column of the Rule Base. According to Check Point's official documentation, when "Extended Log" is enabled for a rule involving the Application Control blade, the generated log entry is enriched with more detailed information, which explicitly includes the full URL of the request. This provides granular control over logging verbosity for specific traffic without affecting the entire policy.

B. This describes a setting that does not exist in the specified location. The correct option is "Extended Log," not a "log URL" setting.

C. This is incorrect. Verbose logging, such as capturing full URLs, is not enabled by default to conserve system resources and log storage.

D. This refers to global blade settings. The question requires a configuration for a specific rule, not a global change that would affect all rules.

1. Check Point R81.10 Security Management Administration Guide, Chapter: "The Access Control Policy", Section: "Configuring the Track Setting for a Rule", Page 371.

The guide states: "For some rules, you can select Extended Log. This gives a more detailed log entry. For example, for a Firewall rule, an Extended Log includes the rule number. For an Application Control rule, an Extended Log includes the full URL."

2. Check Point R81.1 Certified Security Administrator (CCSA) Study Guide, Chapter 6: "Monitoring Security Gateways", Section: "Tracking and Logging", Page 161.

This official courseware lists "Extended Log" as a tracking option and explains it "Generates a log with a more detailed description than the Log option," confirming its purpose for enhanced logging detail.