Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP800-61 r2) Implementing Cisco Cybersecurity Operations (210-255) The best I could find for this topic were the stakeholders defined by the Cybersecurity Capability Maturity Model (C2M2) documentation as listed below. Decision makers (executives) who control the allocation of resources and the management of risk in […]

Read More »

Map elements to these steps of analysis based on the NIST.SP800-61 r2 Implementing Cisco Cybersecurity Operations (210-255) NIST.SP800-61 r2 defines an Incident Response Life Cycle as shown above. For the SECOPS test, it is necessary to know some of the common elements of the steps in the Incident Response Life Cycle. Preparation Gather Useful Information […]

Read More »

Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2 Implementing Cisco Cybersecurity Operations (210-255) NIST’s SP 800-61 was developed to help organizations formulate incident response plans. It can be found here. Each organization’s incident response plan will be different. There are some key elements that occur in […]

Read More »

Interpret a provided intrusion event and host profile to calculate the impact flag generated by Firepower Management Center (FMC) Implementing Cisco Cybersecurity Operations (210-255) The firepower management console (FMC) presents information about the incidents and hosts. Impact flag 1 indicates an incident against a host that is vulnerable to the attack. Impact flag 2 indicates […]

Read More »