Today the classes and summits began. Unlike the traditional Cisco Live US hour to two hour break out sessions, most people, including myself, were in much longer summits devoted to various verticals and topics. It became clear that Cisco wants to make security part of everything it does. Cyber Security Summit I was torn between […]
I’ll call this day 0 since the main conference starts in earnest tomorrow. Today is similar to Sunday at Cisco Live US where it is mainly purchased labs and techtorials. Location, Location, Location Cisco Live Latin America is being held this year at the Moon Palace resort in Cancun, Mexico. I’m fortunate to be here […]
Sometimes I run across a tidbit that isn’t really a full blog article, but it’s still something important. I’m going to refer to these as Packet Fragments. Today’s fragment is about the Cisco ASA. Especially when doing software upgrades I want to make sure that I’m on the correct unit before typing my commands. Instead […]
Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order […]
Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the […]
Apply the NIST.SP800-61 r2 incident handling process to an event Implementing Cisco Cybersecurity Operations (210-255) The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. Below are some of the suggested questions for each phase from section A-1 of the document. Preparation: Would the […]
In my last PowerShell post, I hope I convinced you that PowerShell isn’t just for the server engineers. This time we’ll take a look at a few more cmdlets that can come in handy for network engineers. A Ping of a Different Color Ok so ping is not exactly revolutionary, but if you’re wanting to […]
Today in the mail I saw the all too familiar envelope from my bank’s debit card issuer. No, my debit card isn’t expired. As usual, it’s been involved in yet another credit card processing breach. Again, as usual, my bank doesn’t tell me where my card number was compromised. This time though I have a […]
Classify intrusion events into these categories as defined by the Cyber Kill Chain Model Implementing Cisco Cybersecurity Operations (210-255) The cyber kill chain model outlines all of the steps necessary for a cyber attack to be successful. If the chain is broken, the attack will fail. The cyber kill chain is also an ordered list […]
Compare and contrast deterministic and probabilistic analysis Implementing Cisco Cybersecurity Operations (210-255) Deterministic Analysis Deterministic analysis uses data that is known beforehand. One example is using port-based analysis to establish what application is being used in network communication. Basically, deterministic analysis uses known facts. Probabilistic Analysis Probabilistic analysis looks at all possibilities and tries to […]
© Ben Story 2020.
© Pack IT Forwarding 2020. Powered by WordPress
