You are previewing SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System Study Guide: Exam 500-285.
O'Reilly logo
SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System Study Guide: Exam 500-285

Book Description

Up the ante on your FirePOWER with Advanced FireSIGHT Administration exam prep

Securing Cisco Networks with Sourcefire IPS Study Guide, Exam 500-285, provides 100% coverage of the FirePOWER with Advanced FireSIGHT Administration exam objectives. With clear and concise information regarding crucial next-generation network security topics, this comprehensive guide includes practical examples and insights drawn from real-world experience, exam highlights, and end of chapter reviews. Learn key exam topics and powerful features of the Cisco FirePOWER Services, including FireSIGHT AdministrationManagement Center, in-depth event analysis, IPS tuning and configuration, and snort rules language.

Gain access to Sybex's superior online learning environment that includes practice questions, flashcards, and interactive glossary of terms.

  • Use and configure next-generation Cisco FirePOWER services, including application control, firewall, and routing and switching capabilities

  • Understand how to accurately tune your systems to improve performance and network intelligence while leveraging powerful tools for more efficient event analysis

  • Complete hands-on labs to reinforce key concepts and prepare you for the practical applications portion of the examination

  • Access Sybex's online interactive learning environment and test bank, which includes an assessment test, chapter tests, bonus practice exam questions, electronic flashcards, and a searchable glossary

  • Securing Cisco Networks with Sourcefire IPS Study Guide, Exam 500-285 provides you with the information you need to prepare for the FirePOWER with Advanced FireSIGHT Administration examination.

    Table of Contents

    1. Introduction
      1. Why Should You Become Certified in the SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System?
      2. What Does This Book Cover?
      3. Interactive Online Learning Environment and Test Bank
      4. How to Use This Book
      5. Where Do You Take the Exams?
      6. SSFIPS Exam Objectives
    2. Assessment Test
      1. Answers to Assessment Test
    3. Chapter 1 Getting Started with FireSIGHT
      1. Industry Terminology
      2. Cisco Terminology
      3. Appliance Models
      4. FireSIGHT Licensing
      5. Network Design
      6. Policies
      7. The User Interface
      8. Initial Appliance Setup
      9. Summary
      10. Hands-on Lab
      11. Review Questions
    4. Chapter 2 Object Management
      1. What Are Objects?
      2. Getting Started
      3. Network Objects
      4. Security Intelligence
      5. Port Objects
      6. VLAN Tag
      7. URL Objects and Site Matching
      8. Application Filters
      9. Variable Sets
      10. File Lists
      11. Security Zones
      12. Geolocation
      13. Summary
      14. Hands-on Lab
      15. Exam Essentials
      16. Review Questions
    5. Chapter 3 IPS Policy Management
      1. IPS Policies
      2. Default Policies
      3. Policy Layers
      4. Creating a Policy
      5. Summary
      6. Hands-on Labs
      7. Exam Essentials
      8. Review Questions
    6. Chapter 4 Access Control Policy
      1. Getting Started with Access Control Policies
      2. Security Intelligence Lists
      3. Access Control Rules
      4. Summary
      5. Hands-on Lab
      6. Exam Essentials
      7. Review Questions
    7. Chapter 5 FireSIGHT Technologies
      1. FireSIGHT Technologies
      2. Summary
      3. Hands-on Labs
      4. Exam Essentials
      5. Review Questions
    8. Chapter 6 Intrusion Event Analysis
      1. Intrusion Analysis Principles
      2. The Dashboard and Context Explorer
      3. Intrusion Events
      4. Summary
      5. Hands-on Lab
      6. Exam Essentials
      7. Review Questions
    9. Chapter 7 Network-Based Malware Detection
      1. AMP Architecture
      2. File Policy
      3. File Types and Categories
      4. File and Malware Event Analysis
      5. Summary
      6. Hands-on Lab
      7. Exam Essentials
      8. Review Questions
    10. Chapter 8 System Settings
      1. User Preferences
      2. System Configuration
      3. System Policy
      4. Health
      5. Summary
      6. Hands-on Lab
      7. Exam Essentials
      8. Review Questions
    11. Chapter 9 Account Management
      1. User Account Management
      2. User Privileges
      3. Creating New User Accounts
      4. Configuring External Authentication
      5. Summary
      6. Hands-on Lab
      7. Exam Essentials
      8. Review Questions
    12. Chapter 10 Device Management
      1. Device Management
      2. NAT Configuration
      3. Virtual Private Networks
      4. Summary
      5. Hands-on Labs
      6. Exam Essentials
      7. Review Questions
    13. Chapter 11 Correlation Policy
      1. Correlation Overview
      2. Correlation Rules, Responses, and Policies
      3. White Lists
      4. Traffic Profiles
      5. Summary
      6. Hands-on Lab
      7. Exam Essentials
      8. Review Questions
    14. Chapter 12 Advanced IPS Policy Settings
      1. Advanced Settings
      2. Summary
      3. Hands-on Lab
      4. Exam Essentials
      5. Review Questions
    15. Chapter 13 Creating Snort Rules
      1. Overview of Snort Rules
      2. Writing Rules
      3. Summary
      4. Exam Essentials
      5. Review Questions
    16. Chapter 14 FireSIGHT v5.4 Facts and Features
      1. Branding
      2. Simplified IPS Policy
      3. Network Analysis Policy
      4. Access Control Policy
      5. SSL Inspection
      6. New Rule Keywords
      7. Platform Enhancements
      8. International Enhancements
      9. Minor Changes
      10. Summary
    17. Appendix Answers to Review Questions
    18. Advert
    19. EULA