Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
Cisco
CCNP (Professional)
response action vs action
liven
Is there really a difference between
response action and just a plain old action?
Sorry if this is a silly question, but as I build my own study guide off of the exam blue print I am struggling with some of the things listed. The reason I am struggling is because it is difficult to get clear cut definitions for some of the things on the blue print from cisco.com.
I am talking about this:
* Configure response actions for a signature
that is straight from the IPS exam blue print on cisco.com
I am thinking they are asking how do you configure things like this:
deny attacker inline
deny packet inline
log attacker packets
etc.....
anyone?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
Ahriakin
A response action is anything that is initiated when a signature/anomaly detection fires, whether it be full blown host blocking/connection-denies or just an alert. I think they make the distinction because you can pro-actively/manually block hosts or perform captures without a signature firing, in that case it's just a 'plain old action'.
liven
thanks
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
