ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-310 All Questions

View all questions & answers for the 200-310 exam
Go to Exam

Exam 200-310 topic 1 question 548 discussion

Actual exam question from Cisco's 200-310
Question #: 548
Topic #: 1
[All 200-310 Questions]

What is the best point to deploy the IPS, not to have false positives, since the traffic is already filtered?

  • A. Inline before the firewall
  • B. Inline after the firewall
  • C. Passive of the firewall
  • D. Passive of the Switch
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://supportforums.cisco.com/t5/intrusion-prevention-systems-ids/correct- placement-of-ids-ips-in-network-architecture/td-p/2632437
by craterman at Jan. 5, 2020, 8:36 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
craterman
5 years, 5 months ago
B is correct
upvoted 2 times
craterman
5 years, 5 months ago
From 200-310 official cert guide: For the IPS to actually block traffic, it has to be deployed in inline mode, where traffic is forced through the IPS. Place IPS sensor appliances behind the firewall so that you only see traffic that has been filtered by the firewall policy.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel