350-701 Question #119: Real Exam Question with Answer & Explanation

The correct answer is B: It defines a traffic baseline for traffic anomaly deduction.. This question requires identifying the correct description of a traffic profile on a Cisco Next Generation Intrusion Prevention System.

Submitted by kwame.gh· Mar 30, 2026Network Security

Question

Which statement describes a traffic profile on a Cisco Next Generation Intrusion Prevention System?

Options

AIt allows traffic if it does not meet the profile.
BIt defines a traffic baseline for traffic anomaly deduction.
CIt inspects hosts that meet the profile with more intrusion rules.
DIt blocks traffic if it does not meet the profile.

Explanation

This question requires identifying the correct description of a traffic profile on a Cisco Next Generation Intrusion Prevention System.

Common mistakes.

A. Allowing traffic that does not meet the profile describes an absence of a detection or blocking rule, not the purpose of a traffic profile itself.
C. Inspecting hosts with more intrusion rules is related to applying specific security policies based on context, not the definition or primary purpose of a traffic profile.
D. Blocking traffic that does not meet the profile describes an access control or blocking rule, not the definition of a traffic profile for anomaly detection.

Concept tested. Cisco NGIPS Traffic Profiles

Reference. https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/intrusion_policies_and_rules.html#ID-2313-00000305

Topics

#Cisco NGIPS#Traffic Profile#Intrusion Prevention#Traffic Anomaly Detection

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice Browse All 350-701 Questions