Lab 6 Rules PDF
This study source was downloaded by 100000805244265 from CourseHero.com on 04-20-2022 07:49:47 GMT -05:00
https://www.coursehero.com/file/38700920/Lab-6-Rulespdf/
Lab 6.1 – Working with Rules
Table of Contents
SECTION 1 – LAB OBJECTIVES
SECTION 2 – CREATE AN EVENT RULE
Legend
Notation or important step or note. For example, the objective for each section.
Deloitte Confidential and Proprietary
Set the rule's aggregation so that 10 events are aggregated within one minute.
Note: Please also add a condition that the targeted asset is part of your network.
This will prevent the rule from firing on other students' test alerts.
6. Click on the "Actions" tab, right-click "On First Event", click "Add", and then click "Set Event Field".
7. Click OK.
8. Create a link into your real time folder
Rule 2 Lab
Create another rule as follows:
Locked account
Target address in Active List /All Active Lists/_Training/Critical assets
Attacker address: 10.123.2.2
Target user name: <your name>
Priority 9
Action: Create local notification