Which IPS technique commonly is used to improve accuracy and context awareness, aiming to detect and respond to relevant incidents only and therefore, reduce noise?

Which IPS technique commonly is used to improve accuracy and context awareness, aiming to detect and respond to relevant incidents only and therefore, reduce noise?

Which IPS technique commonly is used to improve accuracy and context awareness, aiming to detect and respond to relevant incidents only and therefore, reduce noise?

A.
attack relevancy

B.
target asset value

C.
signature accuracy

D.
risk rating

Explanation:



Leave a Reply 2

Your email address will not be published. Required fields are marked *


tareq

tareq

risk rating

juantron

juantron

Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made.
The risk rating helps with alerts and is based on many different components to improve the performance and operation of the sensor.
Risk ratings are assigned to alerts generated from IPS sensors. The intent of this risk rating is to provide the user with an indication of the relative risk of the traffic or offending host continuing to access the user’s network. This rating can be used to provide a means for developing risk-oriented event action policies for Cisco IOS IPS.
The risk rating is realized as an integer value in the range from 0 to 100. The higher the value, the greater the security risk of the trigger event for the associated alert.
Risk rating provides the user with valuable insight into the overall risk of an event. This allows the user to develop policies for the prevention of network attacks or to better characterize events for prioritization of further investigation. Risk rating in conjunction with event action overrides makes it very easy for customers to configure Cisco IOS IPS to take action on alerts that exceed a certain risk rating threshold.