Cisco 300-735-SAUTO Exam: Event Types for eStreamer Server and Requesting Client

Question

Which two event types can the eStreamer server transmit to the requesting client from a managed device and a management center? (Choose two.)

Answers

Explanations

A. B. C. D. E.

BD.

The eStreamer server is a communication mechanism used in Cisco security products such as Firepower Threat Defense (FTD) and Firepower Management Center (FMC) to send event information to external clients such as security information and event management (SIEM) systems.

When a managed device (such as an FTD appliance) or a management center (such as an FMC) detects a security event, it can send various types of event information to the eStreamer server. The server can then forward this information to any clients that have subscribed to receive it.

Of the answer choices given, two event types that the eStreamer server can transmit to the requesting client are intrusion events and malware events.

Intrusion events are security events that indicate an attempt to exploit a vulnerability or otherwise compromise the security of a network or system. Examples of intrusion events include attempts to access restricted resources, network scans, and malware infections.

Malware events are events related specifically to the detection or removal of malicious software. They can include alerts for malware infections, attempts to download or execute malicious files, and attempts to communicate with known malicious domains or IP addresses.

User activity events, file events, and intrusion event extra data are not specifically mentioned as event types that can be transmitted by the eStreamer server. However, it is worth noting that the eStreamer API does allow for a wide range of event types to be sent and received, and these may vary depending on the specific security product being used.