Which type of policy is used to define the scope for applications that are running on hosts?
A. access control policy.
B. application awareness policy.
C. application detector policy.
D. network discovery policy.
Which type of policy is used to define the scope for applications that are running on hosts?
A. access control policy.
B. application awareness policy.
C. application detector policy.
D. network discovery policy.
“If you want to adjust the scope of network discovery, you can create additional discovery rules and modify or remove the default rule.”
Seems like D the right one.
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Network_Discovery_Policies.html
C. Application Detectors Policy.
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Application_Detection.html
Search for “Application Detector Fundamentals”
“The Firepower System uses application detectors to identify the commonly used applications on your network. Use the Detectors page (Policies > Application Detectors) to view the detector list and customize detection capability.”
D.
The system identifies only those application protocols running on hosts in your monitored networks, as defined in the network discovery policy.
D
Perform the following steps to configure networks to monitor:
From the main menu, navigate to Policies > Network Discovery; this opens the Network Discovery configuration page.
Click Add Rule in the upper-right portion of the page to add a network to monitor. The Add Rule configuration dialog box opens, and you can now configure the networks to cover.
Choose the action that you want to take from the Action drop-down list in the upper-left portion of the dialog box.
Discover: Allows you to add a network to monitor
Exclude: Prevents the system from monitoring the configured network range
Correct Answer: D
B, application awareness policy doesn’t exist.
Hi John, Did you pass in the exam?
This is Correct Answer ..