nerdexam
Cisco

350-201 · Question #6

An engineer receives an incident ticket with hundreds of intrusion alerts that require investigation. An analysis of the incident log shows that the alerts are from trusted IP addresses and internal d

Sign in or unlock 350-201 to reveal the answer and full explanation for question #6. The question stem and answer options stay visible for context.

Network Intrusion Analysis

Question

An engineer receives an incident ticket with hundreds of intrusion alerts that require investigation. An analysis of the incident log shows that the alerts are from trusted IP addresses and internal devices. The final incident report stated that these alerts were false positives and that no intrusions were detected. What action should be taken to harden the network?

Options

  • AMove the IPS to after the firewall facing the internal network
  • BMove the IPS to before the firewall facing the outside network
  • CConfigure the proxy service on the IPS
  • DConfigure reverse port forwarding on the IPS

Unlock 350-201 to see the answer

You've previewed enough free 350-201 questions. Unlock 350-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Topics

#IPS placement#false positives#network hardening#intrusion detection
Full 350-201 Practice