Cisco IPS 7.0: False Positives, Negatives and Response Improvement
This course is included in our On-demand training solution.
Network intrusion prevention technologies are much more effective when they are customized for the environment in which they operate, which increases the quality of produced alarms and responses. This course examines some methodologies to tune a Cisco Intrusion Prevention System (IPS) sensor to properly manage false positive and negative events.
This course also provides configuration guidance for integrating the Cisco Intrusion Prevention System (IPS) sensor with your network and system environment and discusses several Cisco IPS sensor features can be enabled to increase the quality of the alarms and responses that are produced.
Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security, Cisco Certified Security Professional CCSP Certification or Cisco IPS Specialist Certification designation. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure. Candidates who have completed the Cisco Certified Network Associate Security Certification – Implementing Cisco IOS Network Security (IINS)
Tuning False Positives and False Negatives
Tuning Cisco IPS Sensors to Reduce False Positives I
Tuning Cisco IPS Sensors to Reduce False Positives II
Tuning Signatures to Eliminate False Positives
Tuning IPS Sensor to Reduce False Negatives
Operating System Identification
TVRs, SFRs, and Management Center
Global Correlation and Reputation-Based Filtering