350-701 · Question #122
Which policy is used to capture host information on the Cisco Next Generation Intrusion Prevention System?
The correct answer is A. network discovery. This question asks to identify the Cisco NGIPS policy used for collecting host information.
Question
Which policy is used to capture host information on the Cisco Next Generation Intrusion Prevention System?
Options
- Anetwork discovery
- Bcorrelation
- Cintrusion
- Daccess control
How the community answered
(56 responses)- A91% (51)
- B2% (1)
- C5% (3)
- D2% (1)
Why each option
This question asks to identify the Cisco NGIPS policy used for collecting host information.
The network discovery policy on a Cisco Next Generation Intrusion Prevention System (NGIPS) is used to capture detailed information about hosts, operating systems, applications, and services active on the network by passively monitoring traffic to build a comprehensive network map.
Correlation policies are used to link multiple security events across devices or time to identify more complex attacks, not to capture host inventory.
Intrusion policies define how the system detects and prevents intrusions using signatures and other detection methods.
Access control policies determine which network traffic is allowed or blocked based on various criteria like source, destination, application, or user.
Concept tested: Cisco NGIPS Network Discovery Policy
Source: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/network_discovery.html
Topics
Community Discussion
No community discussion yet for this question.