Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?

Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?
A. security intelligence
B. impact flags
C. health monitoring
D. URL filtering

350-701: Implementing and Operating Cisco Security Core Technologies

Free dumps for 350-701 in PDF format.

High quality 350-701 PDF and software. VALID exam to help you pass.

cisco-exams

2 thoughts on “Which feature requires a network discovery policy on the Cisco Firepower Next Generation Intrusion Prevention System?

  1. IMPACT FLAGS

    From study material:
    Discovery is an integral part of the Cisco Firepower System. The data collected about hosts, applications, operating systems, services, users, and vulnerabilities is used throughout the system for analysis and automation of security protection:
    • The information can be used to generate impact flags to aid in intrusion analysis. When looking at the IPS attack, impact flag helps you to determine if the host under attack is actually vulnerable against attack performed.
    • The data can be used to automatically tune IPS rules. The system can recommend IPS rule states for automated tuning of the system based on discovered hosts and their vulnerabilities.
    • The discovery information is also useful when you are investigating security incidents.

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.