5.3 Describe these concepts as they relate to security monitoring Access Control List: ACLs are used to filter traffic based on source and/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic. NAT/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security […]

Read More »

Describe these types of data used in security monitoring: Full packet capture, session data, transaction data, statistical data, extracted content, alert data Understanding Cisco Cybersecurity Fundamentals (210-250) Full Packet Capture Full packet capture data can be very useful in analyzing what occurred on a network. Unfortunately to capture everything is very expensive in terms of […]

Read More »

Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering. Understanding Cisco Cybersecurity Fundamentals (210-250) TCP Dump The application tcpdump is a command line packet capture tool. An example of a packet displayed in the default console […]

Read More »

4.1 Define these terms as they pertain to Microsoft Windows Processes: a program that the system is running Job: a group of processes Threads: basic units that an OS applies processing time to, spawned by a process which may have multiple threads Thread Pool: a group of asynchronous threads that report back to the application […]

Read More »