Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering
Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/external_alerting_with_alert_responses.html
Answer B
IMPACT FLAGS
From study material:
Discovery is an integral part of the Cisco Firepower System. The data collected about hosts, applications, operating systems, services, users, and vulnerabilities is used throughout the system for analysis and automation of security protection:
• The information can be used to generate impact flags to aid in intrusion analysis. When looking at the IPS attack, impact flag helps you to determine if the host under attack is actually vulnerable against attack performed.
• The data can be used to automatically tune IPS rules. The system can recommend IPS rule states for automated tuning of the system based on discovered hosts and their vulnerabilities.
• The discovery information is also useful when you are investigating security incidents.