Paying it forward by sharing knowledge
Compare and contrast an attack surface and vulnerability. Implementing Cisco Cybersecurity Operations (210-255) The attack surface of a piece of hardware or software is the total of all potential attack vectors. An attack vector can be a service or other entry point. To be used in an attack there must be a vulnerability present that […]
5.3 Describe these concepts as they relate to security monitoring Access Control List: ACLs are used to filter traffic based on source and/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic. NAT/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security […]
Describe these types of data used in security monitoring: Full packet capture, session data, transaction data, statistical data, extracted content, alert data Understanding Cisco Cybersecurity Fundamentals (210-250) Full Packet Capture Full packet capture data can be very useful in analyzing what occurred on a network. Unfortunately to capture everything is very expensive in terms of […]
Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering. Understanding Cisco Cybersecurity Fundamentals (210-250) TCP Dump The application tcpdump is a command line packet capture tool. An example of a packet displayed in the default console […]
4.1 Define these terms as they pertain to Microsoft Windows Processes: a program that the system is running Job: a group of processes Threads: basic units that an OS applies processing time to, spawned by a process which may have multiple threads Thread Pool: a group of asynchronous threads that report back to the application […]
3.1 Describe the uses of a hash algorithm Hash algorithms are a one way function that produces a unique mapping from a piece of a data to a string. This string can then be used to verify that the data has not been altered. Security software also uses hashes to compare a file to a […]
Describe these concepts: Asset management, configuration management, mobile device management, patch management and vulnerability management Understanding Cisco Cybersecurity Fundamentals (210-250) Asset Management Assets are the items of a company that need protected. To be able to protect them, they must be inventoried and managed. Policies should indicate how assets are used, who maintains them and […]
Compare and contrast these terms: Network and host antivirus, agentless and agent-based protections, SIEM and log collection Understanding Cisco Cybersecurity Fundamentals (210-250) Network and Host Antivirus Network antivirus is deployed on a dedicated machine that reviews all traffic. It has the advantage of being easier to maintain and update. It however cannot see viruses at […]
Compare and contrast access control models Understanding Cisco Cybersecurity Fundamentals (210-250) Discretionary Access Control Discretionary Access Control (DAC) allows the owner of the data to assign read or write rights to each file to whomever they choose. This makes it very flexible, but there is no central control. It is also prone to violations of […]
Describe these security terms: Principle of least privilege, risk scoring/risk weighting, risk reduction, risk assessment. Understanding Cisco Cybersecurity Fundamentals (210-250) Principle of Least Privilege The principle of least privilege states that a user should only be granted the least amount of rights to do their job. By limiting the rights of users, the amount of […]
© Pack IT Forwarding 2019. Powered by WordPress