PrepAway - Latest Free Exam Questions & Answers

What is the appropriate action to take?

You implement Traffic Anomaly detection and you find numerous alerts of
portscans from your Security Auditing team that you want to ignore. What is the appropriate action
to take?

PrepAway - Latest Free Exam Questions & Answers

A.
create a rule on top of Traffic Anomaly rulebase to ignore traffic from “Security Audit Team”

B.
create a rule on top of Main rulebase to ignore traffic with “from the Security Audit Team” and
make this a Terminal rule

C.
create a rule on top of Traffic Anomaly rulebase to ignore traffic with a “from the Security Audit
Team” and make this a Terminal rule

D.
create an Exempt rule for the Security Audit team in the Exempt to ignore Traffic
Anomalies


Leave a Reply