{"id":520,"date":"2019-03-14T09:00:18","date_gmt":"2019-03-14T14:00:18","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=520"},"modified":"2020-02-25T09:31:41","modified_gmt":"2020-02-25T15:31:41","slug":"ccna-cyberops-secfnd-objective-5-1","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/","title":{"rendered":"CCNA CyberOps SECFND Objective 5.1"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering.<\/p><cite>Understanding Cisco Cybersecurity Fundamentals (210-250)<br><\/cite><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">TCP Dump<\/h2>\n\n\n\n<p>The application tcpdump is a command-line packet capture tool. An example of a packet displayed in the default console format is below. You can also direct full packets into a PCAP file, which can be analyzed in a tool like <a href=\"https:\/\/www.wireshark.org\">Wireshark.<\/a><\/p>\n\n\n\n<p>20:04:26.269123 IP ec2-18-211-118-21.compute-1.amazonaws.com.https > 192.168.7.37.54190: Flags [.], ack 128, win 8, options [nop,nop,TS val 1181991327 ecr 416718581], length 0 <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">NetFlow<\/h2>\n\n\n\n<p>NetFlow provides a means for Layer 3 switches and routers to send information about the network flows on an interface. Each flow is recorded with the ingress interface, source IP, source port, destination IP, destination port, IP Protocol and the Type of Service. These records are then sent to a NetFlow collector. The collector can then produce graphs or reports on the data seen. 
<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Next-Gen(eration) Firewall<\/h2>\n\n\n\n<p>Next Generation Firewalls use deep packet inspection to make firewall decisions. By looking at the payload as well as the headers, they are able to understand the applications being used on the network. This allows for greater rule flexibility and the ability to identify traffic by type even if it is not on a standard port.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Traditional Stateful Firewall<\/h2>\n\n\n\n<p>Unlike NG Firewalls, stateful firewalls only look at the headers of the packets. They make decisions based on the protocol, ports and IP addresses in the packet headers. Stateful firewalls keep a table of TCP sessions to allow return traffic through without additional rules.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Application visibility and control<\/h2>\n\n\n\n<p>AVC is a collection of services in Cisco network devices that provide classification, monitoring and traffic control. It has the following capabilities:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Application recognition<\/li><li>Metrics collection<\/li><li>Management and reporting<\/li><li>Network traffic control<\/li><\/ul>\n\n\n\n<p>AVC uses Cisco NBAR to do deep packet inspection. AVC may be used for QoS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Web Content Filtering<\/h2>\n\n\n\n<p>Web filters, such as Cisco Web Security Appliance, are purpose-built to filter web traffic. They usually can perform SSL decryption as well to see HTTPS traffic. The filtering is usually done using categories, but can also include blacklists and whitelists. AMP can also be a part of the filtering to prohibit malicious downloads. 
The logs from web filters can be useful in seeing what has been accessed or downloaded on a machine.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Email Content Filtering<\/h2>\n\n\n\n<p>Email content filters like Cisco Email Security Appliance filter e-mail for malicious attachments, phishing attempts and spam.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering. Understanding Cisco Cybersecurity Fundamentals (210-250) TCP Dump The application tcpdump is a command line packet capture tool. An example of a packet displayed in the default console [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":201,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-520","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECFND Objective 5.1 -<\/title>\n<meta 
name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECFND Objective 5.1 -\" \/>\n<meta property=\"og:description\" content=\"Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering. Understanding Cisco Cybersecurity Fundamentals (210-250) TCP Dump The application tcpdump is a command line packet capture tool. An example of a packet displayed in the default console [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-14T14:00:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:31:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta 
name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECFND Objective 5.1\",\"datePublished\":\"2019-03-14T14:00:18+00:00\",\"dateModified\":\"2020-02-25T15:31:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/\"},\"wordCount\":418,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA 
CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/\",\"name\":\"CCNA CyberOps SECFND Objective 5.1 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"datePublished\":\"2019-03-14T14:00:18+00:00\",\"dateModified\":\"2020-02-25T15:31:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\
\/2018\\\/09\\\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1\",\"width\":640,\"height\":426},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/14\\\/ccna-cyberops-secfnd-objective-5-1\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECFND Objective 5.1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben 
Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECFND Objective 5.1 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECFND Objective 5.1 -","og_description":"Identify the types of data provided by these technologies: TCP Dump, NetFlow, Next-Gen firewall, Traditional stateful firewall, Application visibility and control, web content filtering and email content filtering. Understanding Cisco Cybersecurity Fundamentals (210-250) TCP Dump The application tcpdump is a command line packet capture tool. 
An example of a packet displayed in the default console [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-03-14T14:00:18+00:00","article_modified_time":"2020-02-25T15:31:41+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECFND Objective 5.1","datePublished":"2019-03-14T14:00:18+00:00","dateModified":"2020-02-25T15:31:41+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/"},"wordCount":418,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops 
Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/","name":"CCNA CyberOps SECFND Objective 5.1 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","datePublished":"2019-03-14T14:00:18+00:00","dateModified":"2020-02-25T15:31:41+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","width":640,"height":426},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/14\/ccna-cyberops-secfnd-objective-5-1\/#breadcrumb","itemListElement":[{
"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECFND Objective 5.1"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. 
Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-8o","jetpack-related-posts":[{"id":794,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/07\/ccna-cyberops-secops-objective-2-3\/","url_meta":{"origin":520,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.3","author":"Ben Story","date":"August 7, 2019","format":false,"excerpt":"Identify the elements from a NetFlow v5 record from a security event Implementing Cisco Cybersecurity Operations (210-255) When it comes to Netflow, the 5-tuple is king. Be sure to know the 5-tuple. Source IP AddressDestination IP AddressSource PortDestination PortProtocol10.1.1.2192.168.1.323343443TCP10.1.3.3192.168.3.24323253UDP192.168.4.5172.16.3.23232125TCP Beyond the 5-tuple, Netflow v9 and IPFIX (Industry Standard) allow for\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 
1.5x"},"classes":[]},{"id":815,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/10\/ccna-cyberops-secops-objective-2-7\/","url_meta":{"origin":520,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.7","author":"Ben Story","date":"August 10, 2019","format":false,"excerpt":"Map the provided events to these source technologies: NetFlow, IDS \/ IPS, Firewall, Network application control, Proxy logs, AntivirusImplementing Cisco Cybersecurity Operations (210-255) NetFlow NetFlow (or IPFIX) data will contain the standard 5-tuple of information: source IP address, destination IP address, source port, destination port, and the protocol. IDS\/IPS Intrusion\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":867,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/21\/ccna-cyberops-secops-objectives-4-3-and-4-4\/","url_meta":{"origin":520,"position":2},"title":"CCNA CyberOps SECOPS &#8211; Objectives 4.3 and 4.4","author":"Ben Story","date":"August 21, 2019","format":false,"excerpt":"Describe 5-tuple correlation Implementing Cisco 
Cybersecurity Operations (210-255) Describe the 5-tuple approach to isolate a compromised host in a grouped set of logs Implementing Cisco Cybersecurity Operations (210-255) As noted in the discussion of Netflow, the 5-tuple consists of the Protocol, Source IP, Source Port, Destination IP, and Destination Port.\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":524,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/15\/ccna-cyberops-secfnd-objective-5-2\/","url_meta":{"origin":520,"position":3},"title":"CCNA CyberOps SECFND Objective 5.2","author":"Ben Story","date":"March 15, 2019","format":false,"excerpt":"Describe these types of data used in security monitoring: Full packet capture, session data, transaction data, statistical data, extracted content, alert dataUnderstanding Cisco Cybersecurity Fundamentals (210-250) Full Packet Capture Full packet capture data can be very useful in analyzing what occurred on a network. 
Unfortunately to capture everything is very\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":847,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/16\/ccna-cyberops-secops-objective-3-5\/","url_meta":{"origin":520,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 3.5","author":"Ben Story","date":"August 16, 2019","format":false,"excerpt":"Identify these elements used for network profiling: total throughput, session duration, ports used, critical asset address spaceImplementing Cisco Cybersecurity Operations (210-255) Total Throughput: How much data was sent between hosts or networks in a given amount of time.Session duration: How long a TCP session was active.Ports used: What ports did\u2026","rel":"","context":"In 
&quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":797,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/08\/ccna-cyberops-secops-objective-2-4\/","url_meta":{"origin":520,"position":5},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.4","author":"Ben Story","date":"August 8, 2019","format":false,"excerpt":"Identify these key elements in an intrusion from a given PCAP file : Source address, Destination address, Source port, Destination port, Protocols, and Payloads Implementing Cisco Cybersecurity Operations (210-255) PCAP files are a way of storing packet data captured using a packet sniffer like Wireshark. 
The Wireshark website has dozens\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/pcap-3.png?fit=1030%2C422&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/pcap-3.png?fit=1030%2C422&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/pcap-3.png?fit=1030%2C422&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/pcap-3.png?fit=1030%2C422&ssl=1&resize=700%2C400 2x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=520"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/520\/revisions"}],"predecessor-version":[{"id":1077,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/520\/revisions\/1077"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/201"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=520"},{"taxonomy":"post_tag","embeddable":true,"
href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}