Cisco Firepower Management Center 4000 Developer Guide

Sourcefire 3D System eStreamer Integration Guide, Version 5.3
Chapter 3: Understanding Intrusion and Correlation Data Structures
IOC Name Data Block for 5.3+
Page 162
IOC Name Data Block Fields (Continued)

Field               Data Type   Description
------------------  ----------  --------------------------------------------------------------
Category            string      The category for the compromise. Possible values include:
                                • CnC Connected
                                • Exploit Kit
                                • High Impact Attack
                                • Low Impact Attack
                                • Malware Detected
                                • Malware Executed
                                • Dropper Infection
                                • Java Compromise
                                • Word Compromise
                                • Adobe Reader Compromise
                                • Excel Compromise
                                • PowerPoint Compromise
                                • QuickTime Compromise
String Block Type   uint32      Initiates a String data block containing the event type
                                associated with the compromise. This value is always 0.
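An added example, not code from the eStreamer guide or the Sourcefire SDK: a consumer-side decoder that reads the Category field as an eStreamer String data block, rejects a block whose type is not 0 or whose length does not fit the buffer, and flags category values that are not among those the table lists. The page only states that the String Block Type is always 0; the uint32 block-length field and big-endian byte order are assumptions.

```python
"""Decode the Category String block of an IOC Name data block and validate it.

Assumed layout (the guide page only states that the block type is always 0):
uint32 block type, uint32 block length counting the 8-byte header plus the
string bytes, then the string itself; big-endian network byte order assumed."""
import struct

# Categories the guide lists for the Category field of the IOC Name data block.
IOC_CATEGORIES = frozenset({
    "CnC Connected", "Exploit Kit", "High Impact Attack", "Low Impact Attack",
    "Malware Detected", "Malware Executed", "Dropper Infection", "Java Compromise",
    "Word Compromise", "Adobe Reader Compromise", "Excel Compromise",
    "PowerPoint Compromise", "QuickTime Compromise",
})

STRING_BLOCK_TYPE = 0          # per the guide: always 0 for a String data block
HEADER = struct.Struct("!II")  # block type, block length (assumed layout)


def parse_string_block(buf: bytes, offset: int = 0) -> tuple[str, int]:
    """Return (string, next_offset) for the String data block at `offset`.
    Raises ValueError on a wrong block type or a length that does not fit."""
    if len(buf) - offset < HEADER.size:
        raise ValueError("truncated String block header")
    block_type, block_len = HEADER.unpack_from(buf, offset)
    if block_type != STRING_BLOCK_TYPE:
        raise ValueError(f"expected String block type 0, got {block_type}")
    if block_len < HEADER.size or offset + block_len > len(buf):
        raise ValueError(f"String block length {block_len} does not fit in buffer")
    data = buf[offset + HEADER.size:offset + block_len]
    return data.decode("utf-8", errors="replace"), offset + block_len


def parse_ioc_category(buf: bytes) -> dict:
    """Decode a Category String block and flag values the guide does not list."""
    category, _ = parse_string_block(buf)
    return {"category": category, "known": category in IOC_CATEGORIES}


def encode_string_block(text: str, block_type: int = STRING_BLOCK_TYPE) -> bytes:
    """Build a String data block as constructed test input (same assumed layout)."""
    data = text.encode("utf-8")
    return HEADER.pack(block_type, HEADER.size + len(data)) + data


if __name__ == "__main__":
    print(parse_ioc_category(encode_string_block("Malware Executed")))
    print(parse_ioc_category(encode_string_block("Some Unlisted Value")))
```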