You are analyzing recent intrusion events in FireSIGHT Defense Center and notice several events with blueicons.
To which of the following vulnerability classifications do the blue icons correspond? (Select the best answer.)
A.
unknown target
B.
vulnerable
C.
potentially vulnerable
D.
not vulnerable
Explanation:
A blue icon is used in intrusion event records by Cisco FireSIGHT Defense Center to classify a vulnerability as
an unknown target. An unknown target classification indicates that either the source or target host is on a
monitored network but has no corresponding entry in the network map. FireSIGHT uses impact levels to
describe the potential severity of attacks. In the FireSIGHT system, managed devices, like Cisco FirePOWER
Intrusion Prevention Systems (IPSs), respond to an intrusion event by flagging the event with an impact level
and sending the event to the FireSIGHT Defense Center. The impact level is based on accumulated intrusion
data, network discovery data, and vulnerability information. The aggregated intrusion event data typically
contains contextual information about the event and includes a copy of the packet that triggered the event.
The following table provides a summary of the FireSIGHT impact levels and their meaning:Cisco: Working with Intrusion Events: Using Impact Levels to Evaluate Events