{"id":864,"date":"2019-08-20T07:00:10","date_gmt":"2019-08-20T12:00:10","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=864"},"modified":"2020-02-25T09:32:27","modified_gmt":"2020-02-25T15:32:27","slug":"ccna-cyberops-secops-objective-4-2","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","title":{"rendered":"CCNA CyberOps SECOPS &#8211; Objective 4.2"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Interpret common data values into a universal format <\/p><cite><strong>Implementing Cisco Cybersecurity Operations (210-255) <\/strong> <\/cite><\/blockquote>\n\n\n\n<p>For this objective, I would suggest using <a href=\"https:\/\/securityonion.net\">Security Onion<\/a> to collect some data from a firewall and IPS.  Within the Security Onion stack is a tool called ELSA. ELSA is an open-source SEIM product. It takes the logs and puts them into a normalized format. This allows disparate log types to be analyzed together.<\/p>\n\n\n\n<p>As you can see below in the screenshot, the normalized form parses the data into fields. The fields use the same names for all log files which allows correlation of data that contain the same fields.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/www.syslog-ng.com\/community\/b\/blog\/posts\/elsa-web-interface-for-syslog-ng-and-patterndb\" target=\"_blank\" rel=\"noreferrer noopener\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"453\" data-attachment-id=\"865\" data-permalink=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/elsa_example\/\" data-orig-file=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/elsa_example.png?fit=600%2C453&amp;ssl=1\" data-orig-size=\"600,453\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"elsa_example\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/elsa_example.png?fit=600%2C453&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/elsa_example.png?resize=600%2C453&#038;ssl=1\" alt=\"A screen shot of ELSA. The screen shot shows how plain text files are parsed and put in normalized forms with defined fields.\" class=\"wp-image-865\" srcset=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/elsa_example.png?w=600&amp;ssl=1 600w, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/elsa_example.png?resize=300%2C227&amp;ssl=1 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><figcaption>Image from <a href=\"https:\/\/www.syslog-ng.com\/community\/b\/blog\/posts\/elsa-web-interface-for-syslog-ng-and-patterndb\">https:\/\/www.syslog-ng.com\/community\/b\/blog\/posts\/elsa-web-interface-for-syslog-ng-and-patterndb<\/a><\/figcaption><\/figure>\n\n\n\n<p>Other tools like QRadar and Splunk also do similar tasks with data to allow analysts to better understand the mountain of data devices produce.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Interpret common data values into a universal format Implementing Cisco Cybersecurity Operations (210-255) For this objective, I would suggest using Security Onion to collect some data from a firewall and IPS. Within the Security Onion stack is a tool called ELSA. ELSA is an open-source SEIM product. It takes the logs and puts them into [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":198,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECOPS - Objective 4.2 #ciscocert #ccnacyberops #ciscochampions","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-864","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECOPS - Objective 4.2 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECOPS - Objective 4.2 -\" \/>\n<meta property=\"og:description\" content=\"Interpret common data values into a universal format Implementing Cisco Cybersecurity Operations (210-255) For this objective, I would suggest using Security Onion to collect some data from a firewall and IPS. Within the Security Onion stack is a tool called ELSA. ELSA is an open-source SEIM product. It takes the logs and puts them into [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-20T12:00:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:32:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i2.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"960\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECOPS &#8211; Objective 4.2\",\"datePublished\":\"2019-08-20T12:00:10+00:00\",\"dateModified\":\"2020-02-25T15:32:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/\"},\"wordCount\":143,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/\",\"name\":\"CCNA CyberOps SECOPS - Objective 4.2 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1\",\"datePublished\":\"2019-08-20T12:00:10+00:00\",\"dateModified\":\"2020-02-25T15:32:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1\",\"width\":640,\"height\":960,\"caption\":\"Photo by Markus Spiske temporausch.com from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/20\\\/ccna-cyberops-secops-objective-4-2\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECOPS &#8211; Objective 4.2\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECOPS - Objective 4.2 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECOPS - Objective 4.2 -","og_description":"Interpret common data values into a universal format Implementing Cisco Cybersecurity Operations (210-255) For this objective, I would suggest using Security Onion to collect some data from a firewall and IPS. Within the Security Onion stack is a tool called ELSA. ELSA is an open-source SEIM product. It takes the logs and puts them into [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-08-20T12:00:10+00:00","article_modified_time":"2020-02-25T15:32:27+00:00","og_image":[{"width":640,"height":960,"url":"https:\/\/i2.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECOPS &#8211; Objective 4.2","datePublished":"2019-08-20T12:00:10+00:00","dateModified":"2020-02-25T15:32:27+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/"},"wordCount":143,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","name":"CCNA CyberOps SECOPS - Objective 4.2 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","datePublished":"2019-08-20T12:00:10+00:00","dateModified":"2020-02-25T15:32:27+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","width":640,"height":960,"caption":"Photo by Markus Spiske temporausch.com from Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECOPS &#8211; Objective 4.2"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-dW","jetpack-related-posts":[{"id":758,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-8\/","url_meta":{"origin":864,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.8","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Describe the role of attribution in an investigation Implementing Cisco Cybersecurity Operations (210-255) Assets: Any data, device or other aspects of the environment that supports information systems.Threat Actor: The person or group responsible for an attack on an asset.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":524,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/15\/ccna-cyberops-secfnd-objective-5-2\/","url_meta":{"origin":864,"position":1},"title":"CCNA CyberOps SECFND Objective 5.2","author":"Ben Story","date":"March 15, 2019","format":false,"excerpt":"Describe these types of data used in security monitoring: Full packet capture, session data, transaction data, statistical data, extracted content, alert dataUnderstanding Cisco Cybersecurity Fundamentals (210-250) Full Packet Capture Full packet capture data can be very useful in analyzing what occurred on a network. Unfortunately to capture everything is very\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":885,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","url_meta":{"origin":864,"position":2},"title":"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8","author":"Ben Story","date":"August 26, 2019","format":false,"excerpt":"Map DNS logs and HTTP logs together to find a threat actor Implementing Cisco Cybersecurity Operations (210-255) Map DNS, HTTP, and threat intelligence data together Implementing Cisco Cybersecurity Operations (210-255) Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Lex Photography from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":483,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/04\/ccna-cyberops-secfnd-objective-2-0\/","url_meta":{"origin":864,"position":3},"title":"CCNA CyberOps SECFND Objective 2.1","author":"Ben Story","date":"March 4, 2019","format":false,"excerpt":"Describe the principles of the defense in depth strategy\u00a0 Understanding Cisco Cybersecurity Fundamentals (210-250) Defense in depth uses a layered approach to security. Each layer by itself is not secure, but together they provide a better security for the data being protected. These layers can be summarized as the following:\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/ogres-layers.jpg?fit=1146%2C778&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":857,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/19\/ccna-cyberops-secops-objective-4-1\/","url_meta":{"origin":864,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 4.1","author":"Ben Story","date":"August 19, 2019","format":false,"excerpt":"Describe the process of data normalization Implementing Cisco Cybersecurity Operations (210-255) Data normalization is the process of removing duplicate information and increasing the accuracy of the information. In cybersecurity tools like SEIMs can help take IPS or other sources and by normalization make them more usable. The data is also\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/blur-codes-coding-577585.jpg?fit=640%2C479&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/blur-codes-coding-577585.jpg?fit=640%2C479&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/blur-codes-coding-577585.jpg?fit=640%2C479&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":498,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/08\/ccna-cyberops-secfnd-objective-2-5\/","url_meta":{"origin":864,"position":5},"title":"CCNA CyberOps SECFND Objective 2.5","author":"Ben Story","date":"March 8, 2019","format":false,"excerpt":"Compare and contrast access control modelsUnderstanding Cisco Cybersecurity Fundamentals (210-250) Discretionary Access Control Discretionary Access Control (DAC) allows the owner of the data to assign read or write rights to each file to whomever they choose. This makes it very flexible, but there is no central control. It is also\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"metal keys","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/key-metal-home-security-67609.jpeg?fit=640%2C425&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/key-metal-home-security-67609.jpeg?fit=640%2C425&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/key-metal-home-security-67609.jpeg?fit=640%2C425&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=864"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/864\/revisions"}],"predecessor-version":[{"id":1115,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/864\/revisions\/1115"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/198"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}