Chapter 6 Intrusion Event Analysis
THE SSFIPS EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
- ✓ 3.0 Event Analysis
- ✓ 3.1 Understand the role that geolocation plays in analysis
- ✓ 3.2 Be familiar with the interfaces for analysis, including the Dashboard, Workflows and Context Explorer
The world of network intrusion detection is a dynamic place where new vulnerabilities are discovered daily, new attacks are launched continuously, and networks themselves are in a constant state of flux. Vendors ceaselessly respond by creating and releasing a steady stream of software patches to address vulnerabilities, and teams like Cisco Talos (formerly VRT) are continuously rolling out new rules to protect against attacks. It’s a never-ending ...
Get SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System Study Guide: Exam 500-285 now with the O’Reilly learning platform.