SEC0385 - Firepower 7.0 Malware Detection (Part 1)

Difficulty Level: 3

This video demonstrates malware file detection and blocking on Cisco Firepower 7.0. We look at how an executable file is determined to contain malware. We attempt to submit a file with unknown disposition for further cloud analysis, explain the meaning of the threat score, and review the file analysis report. We also introduce the Clean and Detection lists and how they can be used to override the default malware detection behavior.

Part 1 of this video covers malware detection.

Topics:

  • AMP for Network
  • Malware Detection and Blocking
  • Malware Dynamic and Spero Analysis
  • File Trajectory
  • File Capture and SHA256 Digest
  • File Clean and Detection List
  • Threat Score and Cloud Analysis Report
  • AMP for Endpoint

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenging himself with new technologies.
