View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

sourcefire

SEC0178 - ASA FirePower Traffic Profile

The video demonstrates capability of Cisco ASA FirePower to detect anomalous traffic pattern. We will be configuring the FireSight System to monitor HTTP traffic to our servers, create traffic profile, and have it generate alert upon significant traffic pattern deviation. A HTTP packet generation tool will be used to generate HTTP requests at different rate to test our traffic profile.

Rating: 
5
Average: 5 (4 votes)
Difficulty Level: 
0

SEC0177 - ASA FirePower Event Correlation and Remediation (Part 2)

The video demonstrates Cisco ASA FirePower capability to correlate system events and generate appropriate remediation responses. We will go through two example scenarios; one with a basic event matching and responding, and the other continues to track the connection and apply a more complex conditions before issuing response. Specifically, we will configure NMAP scan and IP shun remediations. 

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0

SEC0177 - ASA FirePower Event Correlation and Remediation (Part 1)

The video demonstrates Cisco ASA FirePower capability to correlate system events and generate appropriate remediation responses. We will go through two example scenarios; one with a basic event matching and responding, and the other continues to track the connection and apply a more complex conditions before issuing response. Specifically, we will configure NMAP scan and IP shun remediations. 

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0

SEC0176 - ASA FirePower Compliance Enforcement with Whitelist

The video demonstrates the use of Whitelist feature on Cisco ASA FirePower to enforce application compliancy on end-host. We will look at two ways of creating a host profile; manual and from host discovery, and apply them to a network to have the FireSight System monitor and generate alert when any unapproved network protocols or application services are detected.

Rating: 
5
Average: 5 (1 vote)
Difficulty Level: 
0

SEC0175 - ASA FirePower IPS Custom Rule

The video shows you how to create a custom intrusion rule on Cisco ASA FirePower. We will generate a special HTTP request to simulate malicious traffic and build an intrusion rule to match the content of the request and drop it. You will learn available parameters that you can use on FireSight web interface Rule Editor to define attack signature.

Rating: 
4.5
Average: 4.5 (2 votes)
Difficulty Level: 
0

SEC0174 - ASA FirePower IPS Advance (Part 2)

The video takes you deeper into Intrusion Policy configuration on Cisco ASA FirePower as we use Policy Layer and FireSight Recommendation. Policy Layer provides configuration flexibility, while FireSight Recommendation assist you in determining appropriate intrusion rules to enable or disable. We will also test our configuration by simulating attacks using Metasploit vulnerability testing tool. The video will close by showing you how to setup intrusion event alert and manage intrusion incidents.

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0

SEC0174 - ASA FirePower IPS Advance (Part 1)

The video takes you deeper into Intrusion Policy configuration on Cisco ASA FirePower as we use Policy Layer and FireSight Recommendation. Policy Layer provides configuration flexibility, while FireSight Recommendation assist you in determining appropriate intrusion rules to enable or disable. We will also test our configuration by simulating attacks using Metasploit vulnerability testing tool. The video will close by showing you how to setup intrusion event alert and manage intrusion incidents.

Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0

SEC0173 - ASA FirePower IPS Basic (Part 2)

The video walks you through basic configuration of Intrusion Policy on Cisco ASA FirePower. We begin by explaining significance of the use of Variable Set, the concept of Base Policy, and various settings in an Intrusion Rule. We will adjust some of an Intrusion Rule settings including, Threshold, Suppression, and Dynamic State, and observe how they effect the rule behavior using ICMP Reply Undefined Code rule as our example.

Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0

SEC0173 - ASA FirePower IPS Basic (Part 1)

The video walks you through basic configuration of Intrusion Policy on Cisco ASA FirePower. We begin by explaining significance of the use of Variable Set, the concept of Base Policy, and various settings in an Intrusion Rule. We will adjust some of an Intrusion Rule settings including, Threshold, Suppression, and Dynamic State, and observe how they effect the rule behavior using ICMP Reply Undefined Code rule as our example.

Rating: 
5
Average: 5 (2 votes)
Difficulty Level: 
0

SEC0172 - ASA FirePower Malware Detection (Part 2)

The video demonstrates Cisco ASA FirePower ability to perform Malware file detection and blocking. We will look at how a file is determined to contain malware, specifically executable files. We will attempt to submit a file with unknown disposition for further cloud analysis, explain the meaning of threat score, and review file analysis report. Finally, we will introduce you to Clean and Detection list and how they can be used to overwrite the default malware detection behavior. 

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0

Pages

Subscribe to RSS - sourcefire

Lab Minutes Classifieds