{"id":528,"date":"2019-03-16T11:00:13","date_gmt":"2019-03-16T16:00:13","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=528"},"modified":"2020-02-25T09:31:41","modified_gmt":"2020-02-25T15:31:41","slug":"ccna-cyberops-secfnd-objective-5-3-5-5","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","title":{"rendered":"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">5.3 Describe these concepts as they relate to security monitoring<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Access Control List: <\/strong>ACLs are used to filter traffic based on source and\/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic.<\/li><li><strong>NAT\/PAT: <\/strong>Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security teams, a mapping of these translations is important for stitching together evidence from both sides of the translation.<\/li><li><strong>Tunneling:<\/strong> Tunneling protocols like GRE, VXLAN and IPsec encapsulate traffic, which can keep the payload from being seen by normal security measures.<\/li><li><strong>TOR:<\/strong> The Onion Router is used to anonymize Internet traffic.<\/li><li><strong>Encryption:<\/strong> Encryption is useful to protect data, but it also can be used to obfuscate attacks and malicious vectors.<\/li><li><strong>P2P:<\/strong> Peer-to-peer traffic can indicate malicious traffic on a network.<\/li><li><strong>Encapsulation:<\/strong> Similar to tunneling or encryption, encapsulation can hide malicious traffic.<\/li><li><strong>Load balancing: <\/strong>Load balancers send traffic to multiple servers to serve up content. 
Security teams must understand how they work and what vulnerabilities they may have.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">5.4 Describe these NextGen IPS event types<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Connection Event:<\/strong> Logs the connections made by hosts seen by the IPS. Can be used to see which hosts have talked to which other hosts.<\/li><li><strong>Intrusion Event: <\/strong>Logs that show alerts for traffic that matches signatures for intrusion attempts.<\/li><li><strong>Host or endpoint event:<\/strong> Event logs that show HIPS alerts.<\/li><li><strong>Network Discovery event:<\/strong> Events that show how an IPS has learned about the hosts on the network by profiling the traffic.<\/li><li><strong>NetFlow event: <\/strong>Events triggered by NetFlow data.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">5.5 Describe the function of these protocols in the context of security monitoring<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>DNS:<\/strong> DNS must be monitored both for what it can reveal about malicious sites and to make sure DNS traffic isn&#8217;t being used for exfiltration.<\/li><li><strong>NTP:<\/strong> Network Time Protocol allows for time synchronization of devices. Time synchronization makes correlation of logs much easier.<\/li><li><strong>SMTP\/POP\/IMAP:<\/strong> Mail protocols must be monitored for malicious inbound traffic as well as for exfiltration of stolen data.<\/li><li><strong>HTTP\/HTTPS: <\/strong>Web traffic can be used for malicious content and must be filtered and monitored.<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>5.3 Describe these concepts as they relate to security monitoring Access Control List: ACLs are used to filter traffic based on source and\/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic. 
NAT\/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":350,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECFND Objective 5.3 - 5.5 - Study Notes #ccnacyberops #ciscochampion","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-528","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECFND Objective 5.3 - 5.5 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECFND Objective 5.3 - 5.5 -\" \/>\n<meta property=\"og:description\" content=\"5.3 Describe these concepts as they relate to security monitoring Access 
Control List: ACLs are used to filter traffic based on source and\/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic. NAT\/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-16T16:00:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:31:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"424\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5\",\"datePublished\":\"2019-03-16T16:00:13+00:00\",\"dateModified\":\"2020-02-25T15:31:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/\"},\"wordCount\":361,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA 
CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/\",\"name\":\"CCNA CyberOps SECFND Objective 5.3 - 5.5 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1\",\"datePublished\":\"2019-03-16T16:00:13+00:00\",\"dateModified\":\"2020-02-25T15:31:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitfor
warding.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1\",\"width\":640,\"height\":424,\"caption\":\"Microscope\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/03\\\/16\\\/ccna-cyberops-secfnd-objective-5-3-5-5\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben 
Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"CCNA CyberOps SECFND Objective 5.3 - 5.5 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECFND Objective 5.3 - 5.5 -","og_description":"5.3 Describe these concepts as they relate to security monitoring Access Control List: ACLs are used to filter traffic based on source and\/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic. NAT\/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public IP addresses. For security [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-03-16T16:00:13+00:00","article_modified_time":"2020-02-25T15:31:41+00:00","og_image":[{"width":640,"height":424,"url":"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5","datePublished":"2019-03-16T16:00:13+00:00","dateModified":"2020-02-25T15:31:41+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/"},"wordCount":361,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","name":"CCNA CyberOps SECFND Objective 5.3 - 5.5 
-","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","datePublished":"2019-03-16T16:00:13+00:00","dateModified":"2020-02-25T15:31:41+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","width":640,"height":424,"caption":"Microscope"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of 
IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. 
Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-8w","jetpack-related-posts":[{"id":873,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/23\/ccna-cyberops-secops-objective-4-6\/","url_meta":{"origin":528,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 4.6","author":"Ben Story","date":"August 23, 2019","format":false,"excerpt":"Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains Implementing Cisco Cybersecurity Operations (210-255) A threat analysis report helps an analyst by providing a list of all of the IPs or domains that a potentially compromised host has been communicating\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Screenshot of a FMC host profile.","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=700%2C400 2x, 
https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/host-profile.png?fit=1106%2C805&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":770,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/05\/ccna-cyberops-secops-objective-2-1\/","url_meta":{"origin":528,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.1","author":"Ben Story","date":"August 5, 2019","format":false,"excerpt":"Interpret basic regular expressions Implementing Cisco Cybersecurity Operations (210-255) Regular expressions are very useful to security analysts when analyzing logs and other security artifacts. There are several standard regular expression operators that you should understand for the CCNA CyberOps curriculum. OperatorDescription[]Match any of the characters in the brackets{#}Repeat match #\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by rawpixel.com from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1496139.jpeg?fit=640%2C613&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1496139.jpeg?fit=640%2C613&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1496139.jpeg?fit=640%2C613&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":463,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/28\/cisco-certified-network-associate-cyberops\/","url_meta":{"origin":528,"position":2},"title":"Cisco Certified Network Associate &#8211; CyberOps","author":"Ben Story","date":"February 28, 2019","format":false,"excerpt":"Cisco's cybersecurity certification is the CCNA CyberOps. The certification is composed of two exams. The first exam is 210-250 SECFND: Understanding Cisco Cybersecurity Fundamentals. 
This exam sets the foundation for an engineer to understand the terminology and tools used by a Security Operations Center(SOC) engineer. The second half of the\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":847,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/16\/ccna-cyberops-secops-objective-3-5\/","url_meta":{"origin":528,"position":3},"title":"CCNA CyberOps SECOPS &#8211; Objective 3.5","author":"Ben Story","date":"August 16, 2019","format":false,"excerpt":"Identify these elements used for network profiling: total throughput, session duration, ports used, critical asset address spaceImplementing Cisco Cybersecurity Operations (210-255) Total Throughput: How much data was sent between hosts or networks in a given amount of time.Session duration: How long a TCP session was active.Ports used: What ports did\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=1050%2C600 
3x"},"classes":[]},{"id":819,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/11\/ccna-cyberops-secops-objective-2-8\/","url_meta":{"origin":528,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.8","author":"Ben Story","date":"August 11, 2019","format":false,"excerpt":"Compare and contrast impact and no impact for these items: False Positive, False Negative, True Positive, True NegativeImplementing Cisco Cybersecurity Operations (210-255) Security analysts must work to minimize both false positives and false negatives. False positives take up time to determine that the detection is not a problem. False negatives\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/teddy-teddy-bear-association-ill-42230.jpeg?fit=640%2C518&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/teddy-teddy-bear-association-ill-42230.jpeg?fit=640%2C518&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/teddy-teddy-bear-association-ill-42230.jpeg?fit=640%2C518&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":483,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/04\/ccna-cyberops-secfnd-objective-2-0\/","url_meta":{"origin":528,"position":5},"title":"CCNA CyberOps SECFND Objective 2.1","author":"Ben Story","date":"March 4, 2019","format":false,"excerpt":"Describe the principles of the defense in depth strategy\u00a0 Understanding Cisco Cybersecurity Fundamentals (210-250) Defense in depth uses a layered approach to security. Each layer by itself is not secure, but together they provide a better security for the data being protected. 
These layers can be summarized as the following:\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/528","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=528"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/528\/revisions"}],"predecessor-version":[{"id":1079,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/528\/revisions\/1079"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/350"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=528"}],"wp:term":
[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=528"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=528"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}