Securing Networks with Cisco Firepower: Resolving Excessive Events Issue

Alleviating Excessive Events Issue with Network Discovery Policy

Question

An engineer configures a network discovery policy on Cisco FMC.

Upon configuration, it is noticed that excessive and misleading events are filling the database and overloading the Cisco FMC.

A monitored NAT device is executing multiple updates of its operating system in a short period of time.

What configuration change must be made to alleviate this issue?

Answers

A. Exclude load balancers and NAT devices.
B. Leave the default networks.
C. Increase the number of entries on the NAT device.
D. Change the method to TCP/SYN.

Explanations

A.

https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Network_Discovery_Policies.html

The issue in this scenario is that excessive and misleading events are filling the database and overloading the Cisco FMC. Additionally, a monitored NAT device is executing multiple updates of its operating system in a short period of time. To alleviate this issue, a configuration change must be made to the network discovery policy on the Cisco FMC.

Option A, excluding load balancers and NAT devices, may be a viable solution if these devices are the source of the excessive and misleading events. However, this would also exclude these devices from being discovered and monitored by the network discovery policy. Depending on the network's requirements, this may not be an acceptable solution.

Option B, leaving the default networks, is not a solution to the problem of excessive and misleading events.

Option C, increasing the number of entries on the NAT device, may alleviate the issue with the updates but does not address the problem of excessive and misleading events filling the database and overloading the Cisco FMC.

Option D, changing the method to TCP/SYN, may be a solution to the problem of excessive and misleading events. By default, the network discovery policy uses ICMP echo requests to discover hosts. However, using TCP/SYN packets may provide more accurate results and reduce the number of false positives. This can be configured in the network discovery policy settings under the "Network Map" section.

In conclusion, the best option to alleviate the issue with excessive and misleading events filling the database and overloading the Cisco FMC is option D, changing the method to TCP/SYN.