Q: 8
An engineer configures a network discovery policy on Cisco FMC. Upon configuration, it is noticed
that excessive and misleading events filing the database and overloading the Cisco FMC. A
monitored NAT device is executing multiple updates of its operating system in a short period of time.
What configuration change must be made to alleviate this issue?
Options
Discussion
Option D excluding NAT devices, is what actually stops the overload. The other settings won’t stop those logs. Agree?
D
Its D here. Excluding load balancers and NAT devices stops FMC from logging all the repetitive OS update events coming from those NATs, which fixes the overload problem. Saw a similar scenario on practice exams. Pretty sure that's what they want unless there's some weird auditing requirement.
B maybe? If you change the method to TCP/SYN, you'd limit what triggers network discovery events, which could reduce the overload. Not sure it's as effective as filtering, but seems possible. I think a lot of people get tripped up by this option.
D makes sense since excluding NAT devices should cut down on noisy events. But just checking, if the policy was set to "best" for discovery type instead of ALL, would that also reduce this overload?
B. not D
D , since excluding NAT devices keeps FMC from logging all those repetitive updates, which directly solves the overload. TCP/SYN (B) doesn’t really filter out the noisy hosts, just changes what gets detected. Pretty sure D is what Cisco wants here. Anybody disagree?
D imo, similar question came up in a recent practice and D was the fix.
D , because A and B don't actually filter those noisy NAT updates, only D fixes the event spam here.
D , nothing else really cuts down the noise from those repeated NAT updates.
Be respectful. No spam.
