{"id":885,"date":"2019-08-26T10:00:49","date_gmt":"2019-08-26T15:00:49","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=885"},"modified":"2020-02-25T09:32:29","modified_gmt":"2020-02-25T15:32:29","slug":"ccna-cyberops-secops-objectives-4-7-and-4-8","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","title":{"rendered":"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Map DNS logs and HTTP logs together to find a threat actor <\/p><cite><strong>Implementing Cisco Cybersecurity Operations (210-255) <\/strong> <\/cite><\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Map DNS, HTTP, and threat intelligence data together <\/p><cite><strong>Implementing Cisco Cybersecurity Operations (210-255) <\/strong> <\/cite><\/blockquote>\n\n\n\n<p>Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security incidents. Both types of logs include IP address information. Using this field as a key one can map the logs together and establish a chain of information.<\/p>\n\n\n\n<p>Threat intelligence data, such as reputation data from Talos, provides a broader view of what a certain IP or domain has been seen doing worldwide. This can help prioritize data being analyzed from DNS and HTTP logs. Intelligence data can be fed into SEIM and other systems using TAXII or STIX feeds.<\/p>\n\n\n\n<p>Tools like ELSA, Splunk, or QRadar help with mapping logs through automated correlation and normalization of the logs. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Map DNS logs and HTTP logs together to find a threat actor Implementing Cisco Cybersecurity Operations (210-255) Map DNS, HTTP, and threat intelligence data together Implementing Cisco Cybersecurity Operations (210-255) Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security incidents. Both types of logs [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":204,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 #ciscocert #ccnacyberops #ciscochampions","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-885","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -\" \/>\n<meta property=\"og:description\" content=\"Map DNS logs and HTTP logs together to find a threat actor Implementing Cisco Cybersecurity Operations (210-255) Map DNS, HTTP, and threat intelligence data together Implementing Cisco Cybersecurity Operations (210-255) Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security incidents. Both types of logs [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-26T15:00:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:32:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i2.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8\",\"datePublished\":\"2019-08-26T15:00:49+00:00\",\"dateModified\":\"2020-02-25T15:32:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/\"},\"wordCount\":153,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/\",\"name\":\"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1\",\"datePublished\":\"2019-08-26T15:00:49+00:00\",\"dateModified\":\"2020-02-25T15:32:29+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/10\\\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1\",\"width\":640,\"height\":426,\"caption\":\"Photo by Lex Photography from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/08\\\/26\\\/ccna-cyberops-secops-objectives-4-7-and-4-8\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -","og_description":"Map DNS logs and HTTP logs together to find a threat actor Implementing Cisco Cybersecurity Operations (210-255) Map DNS, HTTP, and threat intelligence data together Implementing Cisco Cybersecurity Operations (210-255) Understanding logs from DNS servers and HTTP servers is important. Analyzing data from the logs can help with determining security incidents. Both types of logs [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-08-26T15:00:49+00:00","article_modified_time":"2020-02-25T15:32:29+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/i2.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8","datePublished":"2019-08-26T15:00:49+00:00","dateModified":"2020-02-25T15:32:29+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/"},"wordCount":153,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/","name":"CCNA CyberOps SECOPS - Objectives 4.7 and 4.8 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","datePublished":"2019-08-26T15:00:49+00:00","dateModified":"2020-02-25T15:32:29+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","width":640,"height":426,"caption":"Photo by Lex Photography from Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/26\/ccna-cyberops-secops-objectives-4-7-and-4-8\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECOPS &#8211; Objectives 4.7 and 4.8"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/10\/pexels-photo-1109541.jpeg?fit=640%2C426&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-eh","jetpack-related-posts":[{"id":867,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/21\/ccna-cyberops-secops-objectives-4-3-and-4-4\/","url_meta":{"origin":885,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objectives 4.3 and 4.4","author":"Ben Story","date":"August 21, 2019","format":false,"excerpt":"Describe 5-tuple correlation Implementing Cisco Cybersecurity Operations (210-255) Describe the 5-tuple approach to isolate a compromised host in a grouped set of logs Implementing Cisco Cybersecurity Operations (210-255) As noted in the discussion of Netflow, the 5-tuple consists of the Protocol, Source IP, Source Port, Destination IP, and Destination Port.\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":815,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/10\/ccna-cyberops-secops-objective-2-7\/","url_meta":{"origin":885,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.7","author":"Ben Story","date":"August 10, 2019","format":false,"excerpt":"Map the provided events to these source technologies: NetFlow, IDS \/ IPS, Firewall, Network application control, Proxy logs, AntivirusImplementing Cisco Cybersecurity Operations (210-255) NetFlow NetFlow (or IPFIX) data will contain the standard 5-tuple of information: source IP address, destination IP address, source port, destination port, and the protocol. IDS\/IPS Intrusion\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":528,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/16\/ccna-cyberops-secfnd-objective-5-3-5-5\/","url_meta":{"origin":885,"position":2},"title":"CCNA CyberOps SECFND Objective 5.3 &#8211; 5.5","author":"Ben Story","date":"March 16, 2019","format":false,"excerpt":"5.3 Describe these concepts as they relate to security monitoring Access Control List: ACLs are used to filter traffic based on source and\/or destination. Logs created by ACLs can be useful to monitor for certain types of traffic.NAT\/PAT: Network Address Translation and Port Address Translation hide internal addresses behind public\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Microscope","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":864,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/20\/ccna-cyberops-secops-objective-4-2\/","url_meta":{"origin":885,"position":3},"title":"CCNA CyberOps SECOPS &#8211; Objective 4.2","author":"Ben Story","date":"August 20, 2019","format":false,"excerpt":"Interpret common data values into a universal format Implementing Cisco Cybersecurity Operations (210-255) For this objective, I would suggest using Security Onion to collect some data from a firewall and IPS. Within the Security Onion stack is a tool called ELSA. ELSA is an open-source SEIM product. It takes the\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Markus Spiske temporausch.com from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":758,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-8\/","url_meta":{"origin":885,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.8","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Describe the role of attribution in an investigation Implementing Cisco Cybersecurity Operations (210-255) Assets: Any data, device or other aspects of the environment that supports information systems.Threat Actor: The person or group responsible for an attack on an asset.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":524,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/15\/ccna-cyberops-secfnd-objective-5-2\/","url_meta":{"origin":885,"position":5},"title":"CCNA CyberOps SECFND Objective 5.2","author":"Ben Story","date":"March 15, 2019","format":false,"excerpt":"Describe these types of data used in security monitoring: Full packet capture, session data, transaction data, statistical data, extracted content, alert dataUnderstanding Cisco Cybersecurity Fundamentals (210-250) Full Packet Capture Full packet capture data can be very useful in analyzing what occurred on a network. Unfortunately to capture everything is very\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/fibre-1515964_1920.jpg?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/885","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=885"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/885\/revisions"}],"predecessor-version":[{"id":1124,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/885\/revisions\/1124"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/204"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=885"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=885"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=885"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}