{"id":902,"date":"2019-09-24T09:00:40","date_gmt":"2019-09-24T14:00:40","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=902"},"modified":"2020-02-25T09:32:28","modified_gmt":"2020-02-25T15:32:28","slug":"ccna-cyberops-secops-objective-5-3","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/","title":{"rendered":"CCNA CyberOps SECOPS &#8211; Objective 5.3"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Define these activities as they relate to incident handling <\/p><cite>Implementing Cisco Cybersecurity Operations (210-255)<\/cite><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Identification<\/h2>\n\n\n\n<p>Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources, including IPS\/IDS, firewalls, endpoint agents and the SIEM. Once detected and confirmed, the incident is sent to the Incident Response Team (IRT).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scoping<\/h2>\n\n\n\n<p>The IRT takes all identified incidents and analyzes them to determine their scope. Scoping the incident involves answering several questions:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>What systems are affected?<\/li><li>Where did the incident originate?<\/li><li>What tools or attacks are being used?<\/li><li>What vulnerabilities are being exploited?<\/li><\/ul>\n\n\n\n<p>The answers will help the team to prioritize the incident.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Containment<\/h2>\n\n\n\n<p>The IRT must decide how to contain the incident. The containment strategy depends on the scope of the attack, the type of attack and the severity of the threat. 
Other factors for containment include the cost of the containment and the resources needed.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Remediation<\/h2>\n\n\n\n<p>Once the incident is contained, the team can focus on eradication and recovery. The systems affected and their data will need to be restored from backups. The systems themselves may need to be retained as digital evidence for any further criminal investigation. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Lesson-Based Hardening<\/h2>\n\n\n\n<p>This is also known as the lessons learned phase. During this phase, lessons learned during the response are evaluated. These can be lessons learned about the attack itself or about how the response was handled. Attack lessons can be turned into new patches and hardening of systems. Response lessons should be integrated into the incident response plan for future incidents.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reporting<\/h2>\n\n\n\n<p>Reporting is done during the incident response as well as at the end. Depending on the plan, pre-defined communications to stakeholders like C-Level, HR, and PR happen during the incident. After the incident, reporting may include regulatory reporting as well as reporting to the internal stakeholders.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS\/IDS, Firewalls, Endpoint Agents and the SIEM. 
Once detected and confirmed the incident is sent to the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":904,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECOPS - Objective 5.3 #ccnacyberops #ciscocert #ciscochampions","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-902","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECOPS - Objective 5.3 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECOPS - Objective 5.3 -\" \/>\n<meta property=\"og:description\" content=\"Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the 
environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS\/IDS, Firewalls, Endpoint Agents and the SIEM. Once detected and confirmed the incident is sent to the [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-24T14:00:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:32:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"427\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECOPS &#8211; Objective 5.3\",\"datePublished\":\"2019-09-24T14:00:40+00:00\",\"dateModified\":\"2020-02-25T15:32:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/\"},\"wordCount\":309,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA 
CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/\",\"name\":\"CCNA CyberOps SECOPS - Objective 5.3 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1\",\"datePublished\":\"2019-09-24T14:00:40+00:00\",\"dateModified\":\"2020-02-25T15:32:28+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/upl
oads\\\/2019\\\/09\\\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1\",\"width\":640,\"height\":427,\"caption\":\"Photo by rawpixel.com from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/24\\\/ccna-cyberops-secops-objective-5-3\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECOPS &#8211; Objective 5.3\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben 
Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECOPS - Objective 5.3 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECOPS - Objective 5.3 -","og_description":"Define these activities as they relate to incident handling Implementing Cisco Cybersecurity Operations (210-255) Identification Continuous monitoring of the environment by the SOC allows for identification of true positive incidents. This monitoring can come from multiple sources including IPS\/IDS, Firewalls, Endpoint Agents and the SIEM. 
Once detected and confirmed the incident is sent to the [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-09-24T14:00:40+00:00","article_modified_time":"2020-02-25T15:32:28+00:00","og_image":[{"width":640,"height":427,"url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECOPS &#8211; Objective 5.3","datePublished":"2019-09-24T14:00:40+00:00","dateModified":"2020-02-25T15:32:28+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/"},"wordCount":309,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops 
Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/","name":"CCNA CyberOps SECOPS - Objective 5.3 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","datePublished":"2019-09-24T14:00:40+00:00","dateModified":"2020-02-25T15:32:28+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","width":640,"height":427,"caption":"Photo by rawpixel.com from 
Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/24\/ccna-cyberops-secops-objective-5-3\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECOPS &#8211; Objective 5.3"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. 
Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/care-case-cure-1327217.jpg?fit=640%2C427&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-ey","jetpack-related-posts":[{"id":823,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/11\/ccna-cyberops-secops-objective-2-9\/","url_meta":{"origin":902,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.9","author":"Ben Story","date":"August 11, 2019","format":false,"excerpt":"Interpret a provided intrusion event and host profile to calculate the impact flag generated by Firepower Management Center (FMC) Implementing Cisco Cybersecurity Operations (210-255) FMC Incident FMC Host Profile The firepower management console (FMC) presents information about the incidents and hosts. 
Impact flag 1 indicates an incident against a host\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/06\/abstract-business-code-270348.jpg?fit=1200%2C645&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":830,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/12\/ccna-cyberops-secops-objective-3-1\/","url_meta":{"origin":902,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objective 3.1","author":"Ben Story","date":"August 12, 2019","format":false,"excerpt":"Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2 Implementing Cisco Cybersecurity Operations (210-255) NIST's SP 800-61 was developed to help organizations formulate incident response plans. It can be found here. Each organization's incident response plan will be different. 
There are some\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504-1.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504-1.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504-1.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504-1.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504-1.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":845,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/15\/ccna-cyberops-secops-objective-3-4\/","url_meta":{"origin":902,"position":2},"title":"CCNA CyberOps SECOPS &#8211; Objective 3.4","author":"Ben Story","date":"August 15, 2019","format":false,"excerpt":"Describe the goals of the given CSIRT Implementing Cisco Cybersecurity Operations (210-255) A Computer Security Incident Response Team (CSIRT) can come in several different forms. 
Internal CSIRT - an Internal CSIRT is established by an organization to handle incident response for their own organization.National CSIRT - National CSIRTs provide services\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Markus Spiske temporausch.com from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-193349.jpeg?fit=640%2C960&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":809,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/09\/ccna-cyberops-secops-objective-2-6\/","url_meta":{"origin":902,"position":3},"title":"CCNA CyberOps SECOPS &#8211; Objective 2.6","author":"Ben Story","date":"August 9, 2019","format":false,"excerpt":"Interpret common artifact elements from an event to identify an alert Implementing Cisco Cybersecurity Operations (210-255) IP Address (source\/destination) IP address artifacts are useful to help identify both the attacker and the victim in a cybersecurity incident. 
IP address information can also help with tracking an attacker when they pivot\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Francis Seura from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":901,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/23\/ccna-cyberops-secops-objective-5-2\/","url_meta":{"origin":902,"position":4},"title":"CCNA CyberOps SECOPS &#8211; Objective 5.2","author":"Ben Story","date":"September 23, 2019","format":false,"excerpt":"Apply the NIST.SP800-61 r2 incident handling process to an event Implementing Cisco Cybersecurity Operations (210-255) The NIST.SP800-61 r2 incident handling process document contains several example scenarios. These are all contained in Appendix A of the document. 
Below are some of the suggested questions for each phase from section A-1 of\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Whiteboard drawing of a flow chart.","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/diagram-flowchart-hand-1181311.jpg?fit=640%2C427&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/diagram-flowchart-hand-1181311.jpg?fit=640%2C427&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/diagram-flowchart-hand-1181311.jpg?fit=640%2C427&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":758,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-8\/","url_meta":{"origin":902,"position":5},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.8","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Describe the role of attribution in an investigation Implementing Cisco Cybersecurity Operations (210-255) Assets: Any data, device or other aspects of the environment that supports information systems.Threat Actor: The person or group responsible for an attack on an asset.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 
1.5x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/902","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=902"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/902\/revisions"}],"predecessor-version":[{"id":1121,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/902\/revisions\/1121"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/904"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=902"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=902"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=902"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}