Firepower Signature Engines Flashcards by Blake Peeden

AIC

Web traffic analysis

How well did you know this?

Not at all

Perfectly

Atomic

ARP - layer 2 ARP protocol
IP Advanced - IPv6 Layer 3 and ICMPv6 Layer 4
IP - Layer 4 transport protocols
IPv6 - IOS vulns simulated by malformed IPv6 traffic

How well did you know this?

Not at all

Perfectly

Fixed

Parallel regex matches - ICMP/TCP/UDP

How well did you know this?

Not at all

Perfectly

Flood

ICMP and UDP floods

How well did you know this?

Not at all

Perfectly

Meta

Events that occur in a related manner

How well did you know this?

Not at all

Perfectly

Multi String

Matches several strings for one signature

How well did you know this?

Not at all

Perfectly

Normalizer

Enforce RFC compliance

How well did you know this?

Not at all

Perfectly

Service

Specific protocols

How well did you know this?

Not at all

Perfectly

State

Stateful searches of strings in protocols

How well did you know this?

Not at all

Perfectly

String

Matches a regex string based on ICMP/TCP/UDP protocol

How well did you know this?

Not at all

Perfectly

String XL

Optimized operation of String

How well did you know this?

Not at all

Perfectly

Sweep

Sweeps from a single host, destination ports, and multiple ports with RPC requests

How well did you know this?

Not at all

Perfectly

Traffic Anomaly

Inspects TCP/UDP and other traffic for worms

How well did you know this?

Not at all

Perfectly

Traffic ICMP

Analyzes nonstandard protocols such as TFN2K/LOKI/DDOS

How well did you know this?

Not at all

Perfectly

Trojan

Analyzes traffic from nonstandard protocols such as BO2K and TFN2K

How well did you know this?

Not at all

Perfectly

Firepower Signature Engines Flashcards

(15 cards)