350-701 · Question #120
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System?
The correct answer is B. Rule C. Source. This question asks to identify two valid suppression types available on a Cisco Next Generation Intrusion Prevention System.
Question
Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System?
Options
- APort
- BRule
- CSource
- DApplication
- EProtocol
How the community answered
(26 responses)- A4% (1)
- B92% (24)
- E4% (1)
Why each option
This question asks to identify two valid suppression types available on a Cisco Next Generation Intrusion Prevention System.
While traffic can be filtered by port, 'Port' is not a primary, explicit suppression type in Cisco NGIPS policies in the same way as Rule or Source.
Rule suppression allows you to stop generating events for a specific intrusion rule, which is useful for mitigating false positives from a particular signature. C. Source suppression enables you to suppress events originating from a specific source IP address, useful when a known benign source triggers alerts.
Application suppression is not a standard, explicit suppression type in Cisco NGIPS compared to Rule, Source, or Destination.
Protocol suppression is not a standard, explicit suppression type in Cisco NGIPS for event suppression.
Concept tested: Cisco NGIPS Intrusion Event Suppression
Source: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Policies_Intrusion.html#ID-2253-00000302
Topics
Community Discussion
No community discussion yet for this question.