From: vpvprometric (vpvprometric@yahoo.com)
Date: Thu Aug 21 2008 - 12:43:16 ART
Answers are d and f - Cisco anomaly guard appliance and traffic anomaly detector. Basically the pair are a canned solution - You need cisco guard XT and MVP- multi-verification process. this then uses the traffic anomaly detector to protect in real time. I don' trecall the model # for the appliance but it might be the 5650 - you can check the Cisco website. The reason why this trumps the ASA, IPS, and FWSM is cause it does flow based attack analysis which is rather powerful and hard to get around and quite resistive to the distributed aspect of DoS attacks - you can even use to spike the zombie hosts from the manager interface. Hope this helps. Enjoy.
-Vijay
CCIE #12255
----- Original Message ----
From: Monica Belluci <mpls1979@gmail.com>
To: Cisco certification <security@groupstudy.com>; Cisco certification <ccielab@groupstudy.com>
Sent: Thursday, August 21, 2008 10:17:07 AM
Subject: question - Mitigate DDOS attack
Dear Security champs ,
I have one question
You have a customer that is looking to mitigate DDOS attack . Which two of
the following cisco security products
would you recommend to complete requirement
a) Cisco IPS
b)Cisco ASA
c)Cisco IOS Firewall
d)Cisco Anomaly Guard Module
e)Cisco FWSM
f)Cisco Traffic Anomaly detector module .
Which are Two ?
thanks
Monica Bell
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:31 ART