350-701 • Practice Test 13
Free 350-701 practice test — 15 questions with explanations. Set 13. No signup required.
Refer to the exhibit. An engineer is analyzing an intrusion policy on Cisco Firepower Management Center (FMC). The network uses Windows servers and clients. A flood of HTTP traffic is being detected as a potential attack, but it is legitimate. Which preprocessor configuration change would most likely reduce false positives without losing detection of real attacks?
Refer to the exhibit. ! Cisco FMC intrusion policy snippet preprocessor global_sensitivity: sensitivity_level high preprocessor frag3: frag3_engine policy=first, bind_to=0.0.0.0 preprocessor stream5_global: track_tcp yes, track_udp yes preprocessor stream5_tcp: policy=windows, use_static_footprint_sizes yes preprocessor http_inspect: global iis_unicode_map unicode.map 1252 preprocessor http_inspect: default_inspect_http_profiles preprocessor smtp: ports 25 465 587 !