If you’ve been paying attention to the Cisco world since Cisco Live US 2019, you have probably heard a lot about the changes to the Cisco Certification program. The changes are now the rule of the land and we’re starting to get a better picture of how things will work going forward. You Get a […]
Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order […]
Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the […]
Apply the NIST.SP800-61 r2 incident handling process to an event Implementing Cisco Cybersecurity Operations (210-255) The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. Below are some of the suggested questions for each phase from section A-1 of the document. Preparation: Would the […]
© Ben Story 2025.
© Pack IT Forwarding 2025. Powered by WordPress
