Chapter 14. Improving Alarm and Response Quality

Optimizing the IPS sensor's responses depends on understanding two things: how the sensor can dynamically respond to an attack, and which individual factors go into the risk-rating formula. In this chapter, you will learn the following:

Identifying and Adjusting Risk-Rating Components: The ingredients that go into the recipe affecting risk rating, and how you can modify these as you tune the sensor.

Operating System Fingerprinting: Knowing how relevant a specific attack is to the victim's operating system allows the sensor to increase the risk rating for a given signature match, depending on which operating system the victim is running.

Global Correlation ...
