You have a false positive in the Log Viewer that you want to exclude from further detection. What
should you do?
A.
right-click on that event, select Exempt
B.
go to the Exempt rules and add that Attack Object
C.
right-click on that event, choose Filter – Not this Value
D.
create a policy in the top of the rulebase that ignores that event and make it a Terminal rule
Explanation: