Cisco SITCS 1.0: Cisco Intrusion Prevention Systems II
This course is included in our On-demand training solution.
The Cisco SensorBase correlates real-time data from more than 1.5 million devices around the world to create network reputation scores that enable Cisco IPS devices to block threats from known malicious hosts before they pass through the IPS inspection process. In this course, you’ll learn how to describe some methodologies for tuning a Cisco IPS sensor to properly manage false positive and negative events, including the methods and configuration procedures to create custom signatures on a Cisco IPS sensor. In addition, you’ll learn how to enable the anomaly detection functionality and the reputation-based feature on the Cisco IPS sensor. This course is one of a series in the SkillSoft learning path that covers the objectives for the Implementing Cisco Threat Control Solutions (SITCS) 1.0 (300-207 SITCS) exam.
This path is designed to prepare security engineers with the knowledge covering advanced firewall architecture and configuration with the Cisco next-generation firewall, utilizing access, and identity policies. It is also suitable for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.
False Positives and Negatives
Cisco IPS Tuning Approaches
Tune Cisco IPS to Reduce False Positives
Reducing False Positives
Tune Cisco IPS to Reduce False Negatives
Reducing False Negatives
Custom Signature Wizard
Principles Behind Anomaly Detection
Scanners and Histograms
Anomaly Detection and Action
Anomaly Detection Scenario
Anomaly Detection Configuration Procedure
Verify Anomaly Detection
Global Correlation and Reputation Filter
Global Correlation Operations
IPS Sensor Feedback to Cisco SensorBase
Global Correlation Configurations
Verify Global Correlation and Reputation Filter
Exercise: Describing Cisco Intrusion Prevention Systems