What are some measures you can take to prevent IPS false positives?
What are some measures you can take to prevent IPS false positives?
To prevent IPS false positives, you should take steps such as capturing packets to analyze traffic, regularly updating the IPS database to ensure the latest threat signatures are used, and backing up custom IPS files for consistency. These measures help in fine-tuning the IPS to reduce the likelihood of false positives, ensuring more accurate detection of threats.
The correct answer is D
D is the answer
Answer is D... Is on the material course
I believe answer is D: “Take the following measure s to prevent false positives: • Import Snort signatures • Back up custom IPS files • Update the IPS database • Import IPS profiles • Capture packets • Analyze advanced SmartEvent • Configure Geo Protections”