what coordinates between different components, decides which protections should run on…?

Which of the following IPS Layers is the “brain” of the IPS? That is, what coordinates between
different components, decides which protections should run on a certain packet, decides the final
action to be performed on the packet and issues an event log?

Which of the following IPS Layers is the “brain” of the IPS? That is, what coordinates between
different components, decides which protections should run on a certain packet, decides the final
action to be performed on the packet and issues an event log?

A.
Context Management Interface layer (CMI)

B.
Protocol Parsers

C.
Protections

D.
Passive Streaming Library (PSL)

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

Sidza

Sidza

sk95193
Context Management Infrastructure (CMI) and Protections
The Context Management Infrastructure (CMI) is the “brain” of the IPS. It coordinates different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log.
CMI separates parsers and protections. Protection is a set of signatures or/and handlers, where

Signature – a malicious pattern that is searched for
Handler – INSPECT code that performs more complex inspection

Reply