Examine intrusion event technologies, including NetFlow, StealthWatch, and Cisco Firepower Management Center. Alert data, NGFW, packet capture, network application control, and Cisco ISE are also covered.
Learning Objectives
SECOPS: Intrusion Event Technologies
- describe intrusion event technologies, map provided events to source technologies, and describe DHCP server exhaustion
- describe intrusion event technologies, including NetFlow, StealthWatch, and FMC
- describe how alert data, NGFW, TOP information, network application control, proxy logs, and identify and access management relate to intrusion events