Cisco IPS 7.0: Adapting Traffic Analysis and Response to the Environment

This course is included in our On-demand training solution.

Overview

When you need to address a threat that is uniquely specific to your environment, or otherwise do not have an appropriate signature in the default signature set to address a particular threat, you can create custom signatures on the Cisco Intrusion Prevention System (IPS) sensor.
This course describes the methods and configuration procedures that allow you to create custom signatures on a Cisco IPS sensor and examines some methodologies to tune a Cisco IPS sensor to properly manage false positive and negative events.

Target Audience

Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security, Cisco Certified Security Professional CCSP Certification or Cisco IPS Specialist Certification designation. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure. Candidates who have completed the Cisco Certified Network Associate Security Certification – Implementing Cisco IOS Network Security (IINS)

Prerequisites

Expected Duration

120 min.

Course Objectives

Creating Custom Signatures

  • recognize matching strategies for creating custom signatures
  • describe how to use regular expressions to create custom signatures
  • Using the Custom Signature Wizard

  • describe how to configure a custom signature using the Custom Signature Wizard and selecting a signature engine
  • Creating a Basic Custom Signature

  • create a basic custom signature
  • Signature Wizard without Specifying a Signature Engine

  • describe how to configure a custom signature using the Custom Signature Wizard without selecting a signature engine
  • Create a Custom Layer 4 Stateful String-Match Signature

  • create a custom layer 4 stateful string-match signature
  • Configuring Custom Signatures Manually

  • recognize how to configure a custom signature without using the Custom Signature Wizard
  • Creating an Advanced App-Layer Signature

  • create an advanced application-layer signature with custom parameters
  • Manually Creating an Advanced App-Layer Signature

  • create an advanced application-layer signature manually with custom parameters
  • SUBSCRIPTION COST



     

    NEED HELP OR NOT SURE?