Which three statements about the Cisco IntelliShield Al…

Which three statements about the Cisco IntelliShield Alert Manager are true? (Choose three.)

A.
Alert information is analyzed and validated by Cisco security analysts.

B.
Alert analysis is vendor-neutral.

C.
The built-in workflow system provides a mechanism for tracking vulnerability remediation and integration with Cisco Security Manager and Cisco Security MARS.

D.
Users can customize the notification to deliver tailored information relevant to the needs of the organization.

E.
Customers are automatically subscribed to use Cisco Security IntelliShield Alert Manager Service with the Cisco IPS license.

F.
More than 10 report types are available within the Cisco Security IntelliShield Alert Manager Service.

Explanation:
http://www.cisco.com/en/US/products/ps6834/serv_group_home.html
A & D are clear.
Still in doubt for B or C (and F – added by DD)
Features
Continuous threat and vulnerability updates
Customized notifications that deliver tailored information relevant to IT needs = D
Actionable alert intelligence analyzed and validated by security analysts to assist in proactive prevention = A
Integrated, easy to use tools for easy management of remediation efforts
Comprehensive intelligence information including historical coverage of over 14,000 alerts

Benefits
Accelerated elimination of threats through actionable security intelligence
Customized intelligence to avoid sifting through irrelevant information
Vendor-neutral analysis of threats and vulnerabilities help prevent IT attacks across business environments = B
Workflow management tools enable efficient use of security staff resources
http://www.cisco.com/en/US/services/ps2827/ps6834/services_overview0900aecd803e85ee.pdf
Option C removal!
No mention of integration at all with CSM or CS MARS.
Added by DD
Originally suggested F as an option but one of the report types specifically mentions vendor neutral analysis on security vulnerabilities
http://www.cisco.com/web/services/portfolio/product-technical-support/intellishield/index.html says “….Vendor-neutral analysis of threats and vulnerabilities that prevent IT attacks across business environments…”
There is also this about reports from
The Cisco Security Intelligence Operations information is published in many forms for the benefit of end customers, enterprises, governments, and the general public. Some examples of the other forms of Cisco Security Intelligence Operations information are as follows:
Cyber risk reports
Cisco annual security reports
Cisco PSIRT security advisories and security responses
Cisco IntelliShield alerts, including malicious code alerts, security activity bulletins, security issue alerts, threat outbreak alerts, and geopolitical security reports
Service provider security best practices
Security Intelligence best practices
Cisco IPS active update bulletins
Applied mitigation bulletins
Cisco IronPort outbreak reports
IntelliShield event responses
And also something from:
http://www.cisco.com/web/about/doing_business/legal/service_descriptions/docs/Cisco_Security_IntelliShield_Alert_Manager_Service.pdf
Because it mentions these, not convinced that F is not a valid option:
The Service provides, among other things:
· Vulnerability Alerts — vendor-neutral reports on security vulnerabilities.
· Malicious Code Alerts – reports on malicious codes that have a minimum of level 3 urgency rating described in the user documentation provided by Cisco.
· Activity Reports — reports on attacks, outages and threat activity identified by Cisco’s global network of sources.
· Threat Outbreak Alert – reports on the latest spam activity from the Cisco IronPort Threat Operations Center.
· Applied Mitigation Bulletins — reports on how to use your existing Cisco security products to mitigate and block threats.
· Cyber Risk Reports — weekly Cyber Risk Reports provide strategic intelligence that highlight current security activity. The reports address seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical.
· Enterprise Task Management – a web-based console that helps customers to manage, assign and track security-related tasks within Customer’s


