Cisco IPS Risk Rating Calculation: Four Values You Need to Know

Four Values for Cisco IPS Risk Rating Calculation

Prev Question Next Question

Question

Which four values can be used by the Cisco IPS appliance in the risk rating calculation? (Choose four.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

ABCD.

The Cisco Intrusion Prevention System (IPS) appliance is used to detect and prevent attacks on a network. The risk rating calculation is used to prioritize alerts and determine the severity of a detected threat. The risk rating is based on four values, which are:

A. Attack Severity Rating: This value represents the severity of the attack based on its potential impact on the network. The attack severity rating is typically based on the type of attack, its complexity, and its potential to cause damage or data loss.

B. Target Value Rating: This value represents the value of the target that is being attacked. The target value rating is typically based on the criticality of the system, its importance to the organization, and the potential impact of an attack on the system.

C. Signature Fidelity Rating: This value represents the accuracy of the IPS signature that detected the attack. The signature fidelity rating is typically based on the reliability of the signature, its effectiveness in detecting the attack, and its ability to avoid false positives.

E. Threat Rating: This value represents the overall threat level of the attack. The threat rating is typically based on the potential for the attack to cause damage or data loss, the sophistication of the attack, and the motivation of the attacker.

The above four values are used to calculate the risk rating of the detected threat, which is used to determine the severity of the alert and the appropriate response.

D. Promiscuous delta: This value is not used in the risk rating calculation in Cisco IPS.

F. Alert Rating: This value is not used in the risk rating calculation in Cisco IPS.