{"id":918,"date":"2019-09-26T10:30:37","date_gmt":"2019-09-26T15:30:37","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=918"},"modified":"2020-02-25T09:32:28","modified_gmt":"2020-02-25T15:32:28","slug":"ccna-cyberops-secops-objective-5-4","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/","title":{"rendered":"CCNA CyberOps SECOPS &#8211; Objective 5.4"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Describe these concepts as they are documented in <a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-86\/final\">NIST SP800-86<\/a>: evidence collection order, data integrity, data preservation, volatile data collection<\/p><cite><strong>Implementing Cisco Cybersecurity Operations (210-255) <\/strong> <\/cite><\/blockquote>\n\n\n\n<p>The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Evidence Collection Order<\/h2>\n\n\n\n<p>There are three steps to collecting evidence. First, you must develop a plan for priorities and the order to collect evidence. The next step is to acquire the data. This part must be done with care to preserve the chain of custody. Finally, the evidence must be preserved. The integrity of the data when making backup copies must be paramount to keep the original evidence intact. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Data Integrity<\/h2>\n\n\n\n<p>When copying the original data to a backup, write blockers should be used to prevent any data being written to the original. Once the backup is done a message digest should be made of both the original and the backup. These digests should match to verify that the backup is identical to the original data. Commonly either an MD5 or SHA-1 algorithm is used to make this digest.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Volatile Data Collection<\/h2>\n\n\n\n<p>Because volatile storage like RAM is constantly changing, it must be collected as soon as possible. It also must be collected before the device is shutdown. When the analyst first comes to the system, they should record what is currently on the screen before touching any input devices. If the device is locked or asleep the analyst has to determine the risk of trying to unlock the machine. An analyst must also weigh the risks that malicious actors have left software behind designed to destroy evidence when access is attempted. Ideally, the criterion for decisions about volatile data collection should be defined before an incident response.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":919,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CCNA CyberOps SECOPS - Objective 5.4 #ccnacyberops #ciscocert #ciscochampions","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,105,31,24],"tags":[107,90,106,149],"class_list":["post-918","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-ccna-cyberops","category-certification","category-cisco","tag-ccna-cyberops","tag-certification","tag-cisco","tag-cisco-certified-cyber-ops-associate"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CCNA CyberOps SECOPS - Objective 5.4 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CCNA CyberOps SECOPS - Objective 5.4 -\" \/>\n<meta property=\"og:description\" content=\"Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-26T15:30:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-25T15:32:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CCNA CyberOps SECOPS &#8211; Objective 5.4\",\"datePublished\":\"2019-09-26T15:30:37+00:00\",\"dateModified\":\"2020-02-25T15:32:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/\"},\"wordCount\":306,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1\",\"keywords\":[\"CCNA CyberOps\",\"certification\",\"cisco\",\"Cisco Certified Cyber Ops Associate\"],\"articleSection\":[\"Blog\",\"CCNA CyberOps\",\"Certification\",\"cisco\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/\",\"name\":\"CCNA CyberOps SECOPS - Objective 5.4 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1\",\"datePublished\":\"2019-09-26T15:30:37+00:00\",\"dateModified\":\"2020-02-25T15:32:28+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1\",\"width\":640,\"height\":426,\"caption\":\"Photo by kat wilcox from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/09\\\/26\\\/ccna-cyberops-secops-objective-5-4\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CCNA CyberOps SECOPS &#8211; Objective 5.4\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CCNA CyberOps SECOPS - Objective 5.4 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/","og_locale":"en_US","og_type":"article","og_title":"CCNA CyberOps SECOPS - Objective 5.4 -","og_description":"Describe these concepts as they are documented in NIST SP800-86: evidence collection order, data integrity, data preservation, volatile data collection Implementing Cisco Cybersecurity Operations (210-255) The best way to study for this objective is to read or at least read the highlights of the NIST document. Here are some of my notes. Evidence Collection Order [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-09-26T15:30:37+00:00","article_modified_time":"2020-02-25T15:32:28+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CCNA CyberOps SECOPS &#8211; Objective 5.4","datePublished":"2019-09-26T15:30:37+00:00","dateModified":"2020-02-25T15:32:28+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/"},"wordCount":306,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","keywords":["CCNA CyberOps","certification","cisco","Cisco Certified Cyber Ops Associate"],"articleSection":["Blog","CCNA CyberOps","Certification","cisco"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/","name":"CCNA CyberOps SECOPS - Objective 5.4 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","datePublished":"2019-09-26T15:30:37+00:00","dateModified":"2020-02-25T15:32:28+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","width":640,"height":426,"caption":"Photo by kat wilcox from Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/09\/26\/ccna-cyberops-secops-objective-5-4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CCNA CyberOps SECOPS &#8211; Objective 5.4"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/09\/accident-barrier-caution-tape-923681.jpg?fit=640%2C426&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-eO","jetpack-related-posts":[{"id":752,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-6\/","url_meta":{"origin":918,"position":0},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.6","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Compare and contrast three types of evidence Implementing Cisco Cybersecurity Operations (210-255) Best Evidence Traditionally this term refers to evidence that can be presented in court in its original form. With cybersecurity, most courts will also accept a digital copy if proper procedures are followed. Corroborating Evidence Evidence that supports\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/disc-magnifying-glass-270318.jpg?fit=640%2C480&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/disc-magnifying-glass-270318.jpg?fit=640%2C480&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/disc-magnifying-glass-270318.jpg?fit=640%2C480&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":755,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-7\/","url_meta":{"origin":918,"position":1},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.7","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Compare and contrast two types of image Implementing Cisco Cybersecurity Operations (210-255) Disk Images There are two types of disk images when dealing with forensic evidence. Unaltered images can be compared to the original using a hash like MD5 or SHA256 and will return the same hash as the original.\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Andre Mouton from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/animal-animal-photography-blurred-background-1207875.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/animal-animal-photography-blurred-background-1207875.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/07\/animal-animal-photography-blurred-background-1207875.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":531,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/18\/ccna-cyberops-secfnd-objective-6-1\/","url_meta":{"origin":918,"position":2},"title":"CCNA CyberOps SECFND Objective 6.1","author":"Ben Story","date":"March 18, 2019","format":false,"excerpt":"Compare and contrast an attack surface and vulnerability.Implementing Cisco Cybersecurity Operations (210-255) The attack surface of a piece of hardware or software is the total of all potential attack vectors. An attack vector can be a service or other entry point. To be used in an attack there must be\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Pascal Renet from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/architecture-building-castle-187854.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/architecture-building-castle-187854.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/03\/architecture-building-castle-187854.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":758,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/04\/ccna-cyberops-secops-objective-1-8\/","url_meta":{"origin":918,"position":3},"title":"CCNA CyberOps SECOPS &#8211; Objective 1.8","author":"Ben Story","date":"August 4, 2019","format":false,"excerpt":"Describe the role of attribution in an investigation Implementing Cisco Cybersecurity Operations (210-255) Assets: Any data, device or other aspects of the environment that supports information systems.Threat Actor: The person or group responsible for an attack on an asset.","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":491,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/03\/06\/ccna-cyberops-secfnd-objective-2-3\/","url_meta":{"origin":918,"position":4},"title":"CCNA CyberOps SECFND Objective 2.3","author":"Ben Story","date":"March 6, 2019","format":false,"excerpt":"Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI.Understanding Cisco Cybersecurity Fundamentals (210-250) Threat Actor A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist. Script kiddies: Uses\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-373543.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":843,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/08\/14\/ccna-cyberops-secops-objective-3-3\/","url_meta":{"origin":918,"position":5},"title":"CCNA CyberOps SECOPS &#8211; Objective 3.3","author":"Ben Story","date":"August 14, 2019","format":false,"excerpt":"Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP800-61 r2) Implementing Cisco Cybersecurity Operations (210-255) The best I could find for this topic were the stakeholders defined by the Cybersecurity Capability Maturity Model (C2M2) documentation as listed below. Decision makers (executives) who control the allocation of resources and\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by Lukas from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-652348.jpeg?fit=640%2C423&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-652348.jpeg?fit=640%2C423&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-652348.jpeg?fit=640%2C423&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/918","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=918"}],"version-history":[{"count":1,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/918\/revisions"}],"predecessor-version":[{"id":1122,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/918\/revisions\/1122"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/919"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=918"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=918"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=918"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}