nerdexam
Cisco

350-701 · Question #120

Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System?

The correct answer is B. Rule C. Source. This question asks to identify two valid suppression types available on a Cisco Next Generation Intrusion Prevention System.

Submitted by cyberguy42· Mar 30, 2026Security Operations and Orchestration

Question

Which two are valid suppression types on a Cisco Next Generation Intrusion Prevention System?

Options

  • APort
  • BRule
  • CSource
  • DApplication
  • EProtocol

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    92% (24)
  • E
    4% (1)

Why each option

This question asks to identify two valid suppression types available on a Cisco Next Generation Intrusion Prevention System.

APort

While traffic can be filtered by port, 'Port' is not a primary, explicit suppression type in Cisco NGIPS policies in the same way as Rule or Source.

BRuleCorrect

Rule suppression allows you to stop generating events for a specific intrusion rule, which is useful for mitigating false positives from a particular signature. C. Source suppression enables you to suppress events originating from a specific source IP address, useful when a known benign source triggers alerts.

CSourceCorrect
DApplication

Application suppression is not a standard, explicit suppression type in Cisco NGIPS compared to Rule, Source, or Destination.

EProtocol

Protocol suppression is not a standard, explicit suppression type in Cisco NGIPS for event suppression.

Concept tested: Cisco NGIPS Intrusion Event Suppression

Source: https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Policies_Intrusion.html#ID-2253-00000302

Topics

#Cisco NGIPS#suppression types#IPS tuning#false positive management

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice