Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?
Correct Answer: B
When a system is overwhelmed with alerts, designing criteria for reviewing alerts can help prioritize and manage them more effectively. This approach allows for a structured review process that can distinguish between false positives, false negatives, and legitimate alerts, reducing the overall number of alerts that require attention.

References: The strategy of designing criteria for reviewing alerts is recommended in cybersecurity best practices to manage alert fatigue and improve the efficiency of security operations.