Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the […]
Apply the NIST.SP800-61 r2 incident handling process to an event Implementing Cisco Cybersecurity Operations (210-255) The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. Below are some of the suggested questions for each phase from section A-1 of the document. Preparation: Would the […]
In my last PowerShell post, I hope I convinced you that PowerShell isn’t just for the server engineers. This time we’ll take a look at a few more cmdlets that can come in handy for network engineers. A Ping of a Different Color Ok so ping is not exactly revolutionary, but if you’re wanting to […]
Today in the mail I saw the all too familiar envelope from my bank’s debit card issuer. No, my debit card isn’t expired. As usual, it’s been involved in yet another credit card processing breach. Again, as usual, my bank doesn’t tell me where my card number was compromised. This time though I have a […]
© Ben Story 2024.
© Pack IT Forwarding 2024. Powered by WordPress
