CCNA CyberOps SECOPS – Objective 2.3
Identify the elements from a NetFlow v5 record from a security event Implementing Cisco Cybersecurity Operations (210-255) When it comes to Netflow, the 5-tuple is king. Be sure to know the 5-tuple. Source IP Address Destination IP Address Source Port Destination Port Protocol 10.1.1.2 192.168.1.3 23343 443 TCP 10.1.3.3 192.168.3.2 43232 53 UDP 192.168.4.5 172.16.3.2 […]