PrepAway - Latest Free Exam Questions & Answers

Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)?

Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)? (Choose three.)

PrepAway - Latest Free Exam Questions & Answers

A.
Network Reputation

B.
Data Contribution

C.
Reputation Assignment

D.
Signature Correlation

E.
Global Data Integration

F.
Reputation Filtering

G.
Global correlation infection

Explanation:
Global Correlation Features and Goals
There are three main features of global correlation:
Global Correlation Inspection–We use the global correlation reputation knowledge of attackers to influence alert handling and deny actions when attackers with a bad score are seen on the sensor. Reputation Filtering–Applies automatic deny actions to packets from known malicious sites. Network Reputation–Sensor sends alert and TCP fingerprint data to the SensorBase Network.
Reference:
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/idm/idm_collaboration.html

One Comment on “Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)?

  1. Riley says:

    The first of the three are not in the choices above. From the link provided above:

    There are three main features of global correlation:

    •Global Correlation Inspection—We use the global correlation reputation knowledge of attackers to influence alert handling and deny actions when attackers with a bad score are seen on the sensor.

    •Reputation Filtering—Applies automatic deny actions to packets from known malicious sites.

    •Network Reputation—Sensor sends alert and TCP fingerprint data to the SensorBase Network.




    0



    0

Leave a Reply