CCSP IPS Exam Certification Guide

Index

[A] [B] [C] [D] [E] [F] [G] [H] [I] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [Z]

searching patterns,

Secure Shell (SSH), 2ndsecurity

    IPS

         bypasses,

         configuring,

         deploying,         hardware,         hybrid IPS/IDS solutions,

         meta-event generators,         monitoring,         overview of,         protocols,

         risk rating,         terminology,         triggers,     NSDBSecurity Monitor     configuring         adding devices,

         event notification,

         Event Viewer,         importing devices,         monitoring devices,

     managing

         data, 2nd

         Event Viewer preferences,

         system configuration,     reports

selecting     event types

     IP blocking     signature engines     strong passwords senior user accounts, configuring, Sensor Setup (IDM),

sensors,

     analysis engines

     clocks

     configuring

     events

         filtering actions,

         overriding actions,

         Target Value Rating,

         variables, 2nd

     hosts

     IDS evasion

         encryption,

         flooding,

         fragmentation,         obfuscation,

         TTL manipulation,

     IDSM

         Catalyst 6500 switches,

         configuring IDSM-2,         deploying IDSM-2,         features of,

         managing (IDSM-2),         ports (IDSM-2),         traffic flow (IDSM-2),         troubleshooting (IDSM-2),

     interfaces     IPS         bypasses,         Cisco IDS 4200 switches,         Cisco IDSM-2 (for Catalyst 6500),         configuring,         deploying,

         firewalls,

         hardware,         hybrid IPS/IDS solutions,         IDM [See also IDM]

         initializing,

         inline sensor support,

         installing,

         meta-event generators,         monitoring,

         network module for access routers,         overview of,

         protocols,         risk rating,         routers,         terminology,         triggers,

     maintenance 2nd

         automatic software updates,

         CLI software installations,

         downgrading images,

         IDM software installations,

         image recovery,

         licenses,

         resetting,

         restoring configurations,

         saving current configurations,

         updating software,

     optimizing

         configuring IP log settings,

         enforcing application policies,         reassembly options,

     responses

         inline actions,

         IP blocking, 2nd

         logging actions,         manual blocking,         Master Blocking Sensors,

         TCP reset,     signatures         configuring, 2nd         customizing,

         FTP/HTTP policy enforcement,         groups,         managing alarms,         MEG,         optimizing configuration,         tuning,     virtual

servers

     IPS deployment     NTP     requirements

Service accounts, creating,

Service mode (CLI command mode),

service notification command,

service packs, Service role,

services, viewing signatures, session command,

session slot command, set security acl command, set vlan command, setup command, severity (event),

show commands

     show configuration command

     show events command

     show interfaces command

     show inventory command

     show module command

     show module switch command

     show port command

     show statistics command

     show tech-support command 2nd

     show trunk command

     show version command

shun command,

shutting down NM-CIDS, Signature Configuration option (IDM),

Signature Definition category (IDM),

signature fidelity ratings,

Signature Variables option (IDM),

signature-definition mode,signatures     Cisco IPS 2nd

         AIC FTP engines,         AIC HTTP engines,         atomic engines,         engines,

         flood engines,         Meta Signature engines,         Normalizer Signature engines,         parameters,         service signature engines,         state signature engines,         String signature engines,

         Sweep signature engines,

         Trojan horse signature engines,     cloning     connections

     creating

     defining

     editing

     enabling     engines

     fields     filtering

     functionality     IPS         configuring, 2nd         customizing,         FTP/HTTP policy enforcement,

         groups,

         managing alarms,

         MEG,

         optimizing configuration,

         tuning,

     parameters

     responses

         inline actions,

         IP blocking, 2nd

         logging actions,

         manual blocking,

         Master Blocking Sensors,

         TCP reset,

     retiring     selecting

     testing

Simple Mail Transport Protocol,

Simple Network Management Protocol (SNMP),

single sensors, configuring, SMTP (Simple Mail Transport Protocol), sniffing networks,

SNMP (Simple Network Management Protocol), software types, Sort By group box (Event Viewer), spam,

SPAN (Switched Port Analyzer),     configuring speed (interface), spoofing, antispoofing mechanisms, Spyware signatures, viewing, SQL (Structured Query Language), SSH (Secure Shell), 2nd

ssh host-key command,

ssh-known-hosts mode,status     fields (signatures)

     NM-CIDS

streams

     loose TCP

     strict TCP strict TCP streams,

strings, matching, Structured Query Language (SQL),

subcommands     action     match summaries of alarms, summertime settings, configuring,

Switched Port Analyzer (SPAN),

     configuring

switches

    Catalyst 6000

         as blocking devices,

         as IP blocking devices,

     IDSM

     traffic flow

switchport access vlan command,

switchport capture allowed vlan command,

switchport capture command,

switchport trunk command,

syntax for regular expressions,

system clocks, configuring,system configuration [See configuration]

system requirements,