What can the analyst do to reduce these false positive indicators?

An analyst is encountering a large number of false positive results. Legitimate internal network traffic contains valid flows and events, which makes it difficult to identify true security incidents.

What can the analyst do to reduce these false positive indicators?
A. Create X-Force rules to detect false positive events.
B. Create an anomaly rule to detect false positives and suppress the event.
C. Filter the network traffic to receive only security related events.
D. Modify rules and/or Building Block to suppress false positive activity.

Answer: C

Latest C1000-018 Dumps Valid Version with 60 Q&As
