SNCF — Securing Networks with Firepower — Question 227

A security engineer needs to configure a network discovery policy on a Cisco FMC appliance and prevent excessive network discovery events from overloading the FMC database? Which action must be taken to accomplish this task?

Answer options

• A. Monitor only the default IPv4 and IPv6 network ranges.
• B. Configure NetFlow exporters for monitored networks.
• C. Change the network discovery method to TCP/SYN.
• D. Exclude load balancers and NAT devices in the policy.

Correct answer: D

Explanation

Excluding load balancers and NAT devices from the policy helps to reduce the number of unnecessary discovery events that could clutter the FMC database. The other options do not specifically address the issue of event overload; monitoring default ranges, configuring NetFlow exporters, or changing the discovery method may still result in excessive events being recorded.