A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database? Which action must be taken to accomplish this task?
A.
Monitor only the default IPv4 and IPv6 network ranges.
B.
Configure NetFlow exporters for monitored networks.
C.
Change the network discovery method to TCP/SYN.
D.
Exclude load balancers and NAT devices in the policy.
From this source look under section "network discovery rules": We recommend that you exclude load balancers (or specific ports on load balancers) and NAT devices from monitoring. These devices may create excessive and misleading events, filling the database and overloading the Firepower Management Center.
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Network_Discovery_Policies.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0b274d3
1 month agoDoris8000
5 months, 2 weeks ago