Today I was configuring a new ASA in my lab environment. I had also fired up a brand new Ubuntu VM to be my SCP server. When I tried to copy files from Ubuntu to the ASA, it would give me the error “permission denied”. Of course, this sent me looking to see why my […]
This review of the book The Phoenix Project will be the first in a new series on PackIT Forwarding. Earlier this year I realized that I hadn’t read any books without the Cisco Press imprint in quite a long time. This was one of the books that have so far made it to my reading […]
All good things must come to an end and so too did Cisco Live Latin America 2019. The final day of the conference was a mix of technical training, a great keynote and partying. Colonel Chris Hadfield’s keynote was an inspiring keynote about transformation. Through the lens of his story from a little boy watching […]
Today I spent most of my time in break out sessions. As usual they were extremely well done presentations. The first one was on the ongoing game of cat and mouse between security professionals and hackers. As usual it is an ongoing arms race. I don’t see that ending anytime soon based on the material […]
Today the classes and summits began. Unlike the traditional Cisco Live US hour to two hour break out sessions, most people, including myself, were in much longer summits devoted to various verticals and topics. It became clear that Cisco wants to make security part of everything it does. Cyber Security Summit I was torn between […]
I’ll call this day 0 since the main conference starts in earnest tomorrow. Today is similar to Sunday at Cisco Live US where it is mainly purchased labs and techtorials. Location, Location, Location Cisco Live Latin America is being held this year at the Moon Palace resort in Cancun, Mexico. I’m fortunate to be here […]
Sometimes I run across a tidbit that isn’t really a full blog article, but it’s still something important. I’m going to refer to these as Packet Fragments. Today’s fragment is about the Cisco ASA. Especially when doing software upgrades I want to make sure that I’m on the correct unit before typing my commands. Instead […]
Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order […]
Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the […]
Apply the NIST.SP800-61 r2 incident handling process to an event Implementing Cisco Cybersecurity Operations (210-255) The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. Below are some of the suggested questions for each phase from section A-1 of the document. Preparation: Would the […]
© Ben Story 2020.
© Pack IT Forwarding 2020. Powered by WordPress
