You would like to investigate an incident and have already enabled the Log Pair Packets action on
various signatures being triggered. What should you do next?
A.
Use CLI to send the IP log to a PC using TFTP, then open it with Notepad to view and interpret
the contents.
B.
Use Cisco IDM to download the IP log to a management station then use a packet analyzer like
Ethereal to decode the IP log.
C.
Use the External Product Interface feature to download the IP log to Cisco Security MARS for
incident investigation.
D.
Use Cisco Security Manager to retrieve the IP log then use the Cisco Security Manager IPS
Manager to decode the IP log.
E.
Use Cisco IEV to retrieve the IP log then use the IEV Generate Reports function to produce a
report based on the IP log content.
Explanation: