Implementing Cisco Threat Control Solutions (SITCS, legacy) — Question 11

Which description of a correlation policy configuration in the Cisco Firepower Management Center is true?

Answer options

• A. You cannot add a host profile qualification to a correlation rule that is triggered by a malware event.
• B. Deleting a response group deletes the responses of that group.
• C. Correlation policy priorities override whitelist priorities.
• D. The system displays correlation policies that are created on all of the domains in a multidomain deployment.

Correct answer: D

Explanation

The correct answer is D because the Cisco Firepower Management Center is designed to display correlation policies across all domains in a multidomain deployment, allowing for centralized management. Options A, B, and C are incorrect as they misrepresent the functionalities and behaviors of correlation rules, response groups, and the prioritization system within the Firepower Management Center.