A Snort sensor is generating many false-positive sfPortscan alerts, in which busy, trusted hosts are flagged as the source of port sweep events. Which tuning strategy can mitigate this problem?
A. Add the host to the Ignore Scanner list.
B. Add the host to the Ignore Scanned list.
C. Add the host to the Watch IP list.
D. Apply a rule threshold.
