Chapter 5 FireSIGHT Technologies

THE SSFIPS EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:

  • ✓ 5.1 Understand the discovery component inside FireSIGHT, including the policy configuration and the data collected
  • ✓ 5.2 Understand the type of data collected by connection events with FireSIGHT
  • ✓ 5.3 Understand the user information that is discovered with FireSIGHT

We’ve arrived at the perfect point in this book to introduce you to FireSIGHT. Once you’ve been acquainted with this awesome technology, we’ll move on to explore discovery components like the policy, type of data collected, connection events, and host attributes associated with it. By the end of this chapter, you’ll have gained sharp insight into exactly how FireSIGHT is ...

Get SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System Study Guide: Exam 500-285 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.