Pack IT Forwarding


Paying it forward by sharing knowledge


Tag: cisco

Packet Fragment: Cisco ASA Prompt

October 15, 2019
| No Comments
| Blog, cisco, Packet Fragment

Sometimes I run across a tidbit that isn’t really a full blog article, but it’s still something important. I’m going to refer to these as Packet Fragments. Today’s fragment is about the Cisco ASA. Especially when doing software upgrades I want to make sure that I’m on the correct unit before typing my commands. Instead […]


CCNA CyberOps SECOPS – Objective 5.4

September 26, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection
Implementing Cisco Cybersecurity Operations (210-255)
The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order […]


CCNA CyberOps SECOPS – Objective 5.3

September 24, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Define these activities as they relate to incident handling
Implementing Cisco Cybersecurity Operations (210-255)
Identification: Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the […]


CCNA CyberOps SECOPS – Objective 5.2

September 23, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco
Whiteboard drawing of a flow chart.

Apply the NIST.SP800-61 r2 incident handling process to an event
Implementing Cisco Cybersecurity Operations (210-255)
The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. Below are some of the suggested questions for each phase from section A-1 of the document. Preparation: Would the […]


CCNA CyberOps SECOPS – Objective 5.1

August 29, 2019
| 1 Comment
| Blog, CCNA CyberOps, Certification, cisco
A graphical depiction of the cyber kill chain model.

Classify intrusion events into these categories as defined by the Cyber Kill Chain Model
Implementing Cisco Cybersecurity Operations (210-255)
The cyber kill chain model outlines all of the steps necessary for a cyber attack to be successful. If the chain is broken, the attack will fail. The cyber kill chain is also an ordered list […]


CCNA CyberOps SECOPS – Objective 4.10

August 28, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Compare and contrast deterministic and probabilistic analysis
Implementing Cisco Cybersecurity Operations (210-255)
Deterministic Analysis: Deterministic analysis uses data that is known beforehand. One example is using port-based analysis to establish what application is being used in network communication. Basically, deterministic analysis uses known facts.
Probabilistic Analysis: Probabilistic analysis looks at all possibilities and tries to […]


CCNA CyberOps SECOPS – Objective 4.9

August 27, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Identify a correlation rule to distinguish the most significant alert from a given set of events from multiple data sources using the firepower management console
Implementing Cisco Cybersecurity Operations (210-255)
The Cisco Firepower Management Center supports custom correlation rules. These rules can be created to trigger based on many different attributes. Once […]


CCNA CyberOps SECOPS – Objectives 4.7 and 4.8

August 26, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Map DNS logs and HTTP logs together to find a threat actor
Implementing Cisco Cybersecurity Operations (210-255)
Map DNS, HTTP, and threat intelligence data together
Implementing Cisco Cybersecurity Operations (210-255)
Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security incidents. Both types of logs […]


CCNA CyberOps SECOPS – Objective 4.6

August 23, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco
Screenshot of a FMC host profile.

Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains
Implementing Cisco Cybersecurity Operations (210-255)
A threat analysis report helps an analyst by providing a list of all of the IPs or domains that a potentially compromised host has been communicating with. This information can help […]


CCNA CyberOps SECOPS – Objective 4.5

August 22, 2019
| No Comments
| Blog, CCNA CyberOps, Certification, cisco

Describe the retrospective analysis method to find a malicious file, provided file analysis report
Implementing Cisco Cybersecurity Operations (210-255)
The above image is a screenshot from a Cisco Firepower Management Center. In particular, it is a Network File Trajectory. In this case, it’s not overly interesting since the file was only seen going from one […]


Ben Story @ntwrk80

Ben Story is a network engineer for a multi-state hospital system. He has been working with networking since 1998, his Freshman year at Truman State University, when he worked for a small dial-up ISP managing their Shiva LanRover modem bank. His random bits and bytes can be found on his blog at https://packitforwarding.com or on Twitter @ntwrk80.


© Ben Story 2019.
