{"id":491,"date":"2019-03-06T08:30:09","date_gmt":"2019-03-06T14:30:09","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=491"},"modified":"2020-02-25T09:31:39","modified_gmt":"2020-02-25T15:31:39","slug":"ccna-cyberops-secfnd-objective-2-3","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","title":{"rendered":"CCNA CyberOps SECFND Objective 2.3"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI.<\/p><cite>Understanding Cisco Cybersecurity Fundamentals (210-250)<\/cite><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Threat Actor<\/h2>\n\n\n\n<p>A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Script kiddies: Use existing scripts to hack into computers, lacking the expertise to do it themselves.<\/li><li>Organized crime: Steals information, scams people and makes money. Often funds very intelligent hackers.<\/li><li>State sponsors and governments: Interested in stealing data and sabotage.<\/li><li>Hacktivists: Carry out attacks to promote social or political causes.<\/li><li>Terrorist groups: Motivated by political or religious belief.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Runbook Automation (RBA)<\/h2>\n\n\n\n<p>A runbook is a collection of procedures and operations. The goal is to ensure that tasks are done correctly and in the same manner each time. This allows for automation of some tasks. Examples of RBA tools include Rundeck and Cisco Workload Automation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Chain of Custody<\/h2>\n\n\n\n<p>When collecting forensic evidence during a security incident, the chain of custody must be maintained. 
This allows evidence to be presented in court. It is extremely important to be able to answer the following questions:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>How the evidence was collected<\/li><li>When it was collected<\/li><li>How it was transported<\/li><li>How it was tracked<\/li><li>How it was stored<\/li><li>Who had access to the evidence and how it was accessed<\/li><\/ul>\n\n\n\n<p>It is often advisable to work only with copies of digital evidence. If that is not possible, a write blocker should be used to prevent changes to the evidence.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reverse Engineering<\/h2>\n\n\n\n<p>Reverse engineering is a methodology for getting information about something created by someone else. In cybersecurity, reverse engineering may be used for forensics and to determine how malware works and how to counter it. Cybersecurity analysts may also reverse engineer systems to find and correct vulnerabilities.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Sliding Window Anomaly Detection<\/h2>\n\n\n\n<p>By using a window of time to establish a baseline, anomalies from that baseline can be identified. These anomalies may indicate cybersecurity incidents. These baselines can be based on bandwidth, latency or other metrics. In a sliding window, the baseline is rebuilt from the latest data over the chosen window.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">PII<\/h2>\n\n\n\n<p>Personally Identifiable Information is a class of sensitive data. This data can identify a person and be used in identity theft. 
<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Name<\/li><li>SSN<\/li><li>Biometric information<\/li><li>Date and place of birth<\/li><li>Mother&#8217;s maiden name<\/li><li>Credit Card number<\/li><li>Bank account number<\/li><li>Driver&#8217;s License number<\/li><li>Address information including e-mail, street addresses and telephone numbers<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">PHI<\/h2>\n\n\n\n<p>Protected Health Information is defined by regulations including HIPAA. <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Patient Name<\/li><li>Dates including birth, death, discharge and administration<\/li><li>Telephone or fax numbers<\/li><li>E-mail addresses and physical addresses<\/li><li>Medical record numbers<\/li><li>SSN<\/li><li>Driver&#8217;s License<\/li><li>Biometrics<\/li><li>Photos that include the face or recognizable features<\/li><li>Any unique number or characteristic<\/li><li>Health conditions<\/li><li>Payment or provisioning of healthcare<\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI. Understanding Cisco Cybersecurity Fundamentals (210-250) Threat Actor A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist. 
Script kiddies: Uses existing scripts to hack [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":201,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECFND Objective 2.3 - Study Notes #ccnacyberops #ciscochampion","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-491","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECFND Objective 2.3 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECFND Objective 2.3 -\" \/>\n<meta property=\"og:description\" content=\"Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI. 
Understanding Cisco Cybersecurity Fundamentals (210-250) Threat Actor A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist. Script kiddies: Uses existing scripts to hack [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-06T14:30:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:31:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECFND Objective 2.3\",\"datePublished\":\"2019-03-06T14:30:09+00:00\",\"dateModified\":\"2020-02-25T15:31:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/\"},\"wordCount\":455,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA 
CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/\",\"name\":\"CCNA CyberOps SECFND Objective 2.3 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"datePublished\":\"2019-03-06T14:30:09+00:00\",\"dateModified\":\"2020-02-25T15:31:39+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\
\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"width\":640,\"height\":426},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/06\\\/ccna-cyberops-secfnd-objective-2-3\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECFND Objective 2.3\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben 
Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECFND Objective 2.3 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECFND Objective 2.3 -","og_description":"Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI. Understanding Cisco Cybersecurity Fundamentals (210-250) Threat Actor A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist. 
Script kiddies: Uses existing scripts to hack [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-03-06T14:30:09+00:00","article_modified_time":"2020-02-25T15:31:39+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECFND Objective 2.3","datePublished":"2019-03-06T14:30:09+00:00","dateModified":"2020-02-25T15:31:39+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/"},"wordCount":455,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops 
Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","name":"CCNA CyberOps SECFND Objective 2.3 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","datePublished":"2019-03-06T14:30:09+00:00","dateModified":"2020-02-25T15:31:39+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","width":640,"height":426},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/#breadcrumb","itemListElement":[{
"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECFND Objective 2.3"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. 
Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-7V","jetpack-related-posts":[{"id":758,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-8\/","url_meta":{"origin":491,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.8","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Describe the role of attribution in an investigation Implementing Cisco Cybersecurity Operations (210-255) Assets: Any data, device or other aspects of the environment that supports information systems.Threat Actor: The person or group responsible for an attack on an asset.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":885,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","url_meta":{"origin":491,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8","author":"Ben Story","date":"August 26, 2019","format":false,"excerpt":"Map DNS 
logs and HTTP logs together to find a threat actor Implementing Cisco Cybersecurity Operations (210-255) Map DNS, HTTP, and threat intelligence data together Implementing Cisco Cybersecurity Operations (210-255) Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Lex Photography from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":488,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/05\/ccna-cyberops-secfnd-objective-2-2\/","url_meta":{"origin":491,"position":2},"title":"CCNA CyberOps SECFND Objective 2.2","author":"Ben Story","date":"March 5, 2019","format":false,"excerpt":"Compare and contrast these concepts: Risk, Threat, Vulnerability, and Exploit.Understanding Cisco Cybersecurity Fundamentals (210-250) Risk: the possibility that something bad will happenThreat: any potential danger to a security assetVulnerability: exploitable weakness in a system or designExploit: software or commands that take advantage of a vulnerability Risk is the possibility of\u2026","rel":"","context":"In 
&quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/roulette-roulette-wheel-ball-turn.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/roulette-roulette-wheel-ball-turn.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/roulette-roulette-wheel-ball-turn.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":727,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/07\/29\/ccna-cyberops-secops-objective-1-1\/","url_meta":{"origin":491,"position":3},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.1","author":"Ben Story","date":"July 29, 2019","format":false,"excerpt":"Interpret the output report of a malware analysis tool such as AMP Threat Grid and Cuckoo Sandbox Implementing Cisco Cybersecurity Operations (210-255) Both Cisco AMP Threat Grid and Cuckoo Sandbox are malware analysis tools. 
They can both execute a piece of malware and report on what the malware tries to\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Kaboompics .com from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/boy-bucket-child-6459.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/boy-bucket-child-6459.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/boy-bucket-child-6459.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":873,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/23\/ccna-cyberops-secops-objective-4-6\/","url_meta":{"origin":491,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 4.6","author":"Ben Story","date":"August 23, 2019","format":false,"excerpt":"Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains Implementing Cisco Cybersecurity Operations (210-255) A threat analysis report helps an analyst by providing a list of all of the IPs or domains that a potentially compromised host has been communicating\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Screenshot of a FMC host profile.","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=350%2C200 1x, 
https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":463,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/28\/cisco-certified-network-associate-cyberops\/","url_meta":{"origin":491,"position":5},"title":"Cisco Certified Network Associate &#8211; CyberOps","author":"Ben Story","date":"February 28, 2019","format":false,"excerpt":"Cisco's cybersecurity certification is the CCNA CyberOps. The certification is composed of two exams. The first exam is 210-250 SECFND: Understanding Cisco Cybersecurity Fundamentals. This exam sets the foundation for an engineer to understand the terminology and tools used by a Security Operations Center(SOC) engineer. 
The second half of the\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/491","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=491"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/491\/revisions"}],"predecessor-version":[{"id":1070,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/491\/revisions\/1070"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/201"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=491"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=491"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=491"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}