Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)?

Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)? (Choose three.)

Which three global correlation features can be enabled from Cisco IPS Device Manager (Cisco IDM)? (Choose three.)

A.
Network Reputation

B.
Data Contribution

C.
Reputation Assignment

D.
Signature Correlation

E.
Global Data Integration

F.
Reputation Filtering

G.
Global correlation infection

Explanation:
Global Correlation Features and Goals
There are three main features of global correlation:
Global Correlation Inspection–We use the global correlation reputation knowledge of attackers to influence alert handling and deny actions when attackers with a bad score are seen on the sensor. Reputation Filtering–Applies automatic deny actions to packets from known malicious sites. Network Reputation–Sensor sends alert and TCP fingerprint data to the SensorBase Network.
Reference:
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/idm/idm_collaboration.html

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

Riley

Riley

The first of the three are not in the choices above. From the link provided above:

There are three main features of global correlation:

•Global Correlation Inspection—We use the global correlation reputation knowledge of attackers to influence alert handling and deny actions when attackers with a bad score are seen on the sensor.

•Reputation Filtering—Applies automatic deny actions to packets from known malicious sites.

•Network Reputation—Sensor sends alert and TCP fingerprint data to the SensorBase Network.

Reply