Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
CoPP (Control Plane Policing) |
Rate-limit traffic destined to an IP address on the device itself (such as SSH/HTTPS/SSL) Prevents attacks involving excessive traffic of this nature Effectively applying QoS to the valid management traffic & policing the malicious |
|
CPPr (Control Plane Protection) |
Allows more detailed classification of traffic than CoPP (host sub-if, transit sub-if, CEF) Applied to logical control plane interface, as with CoPP |
|
IPS limitations in Promiscuous mode |
Deny attacker Deny packet Modify packet |
|
SIEM |
Security Information & Event Management Combines SIM & SEM to provide real-time alerts for security events for administrators Collects & archives syslog data SIEM systems also allow compliance checking |
|
SDEE |
Security Device Event Exchange Protocol that communicates events generated by security devices SDEE client authenticates with SDEE server before communicating (using a session ID in all future requests) - using SSL |
|
How does FirePOWER block malicious email attachments? |
Sends traffic through a file policy |
|
Clientless SSL VPN - Browser Plugins |
VISTA requires RDP2 |
|
Default TACACS+ timeout |
5 seconds |
|
How does FirePOWER prevent SYN attacks? |
Rate-based prevention |
|
Honeypot IPS |
Purpose: Collect info about attacks |
|
In a security context, which action can you take to address compliance? |
Implement rules to prevent a vulnerability |
|
Which technology can rate fidelity and provide authenticated hash for data? |
File reputation |
|
How to mitigate CAM table overflows? |
DYNAMIC port security |
|
Which feature filters CoPP packets? |
ACL |
|
What is the most common CDPv1 attack? |
Denial of Service |