Chapter 22
| 1: | What does NBAR stand for? |
| A1: | Answer: Network-Based Application Recognition. |
| 2: | Why is NBAR useful in security implementations? |
| A2: | Answer: NBAR allows traffic to be categorized based on the content in the application packets contained in the traffic. After such packets have been recognized, appropriate action can be taken on them. |
| 3: | What is the purpose of the policy map in NBAR configurations? |
| A3: | Answer: A policy map matches the traffic classified by NBAR to an action to be taken on it. |
| 4: | How can NBAR protect against Code Red attacks? |
| A4: | Answer: NBAR allows detection of some of the packets being used in a Code Red attack by the infected machines as well as the attackers themselves, allowing this traffic to be blocked or reduced. |
Get Network Security Principles and Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
