A FortiGate administrator runs 'diagnose ips anomaly list' and sees many entries with 'protocol anomaly - tcp_port_scan'. The administrator wants to reduce false positives. Which action should be taken in the IPS sensor configuration?
Increasing the threshold reduces false positives by requiring more ports to be scanned in the time window.