Cisco Practice Test 200-201 CBROPS: Understanding Cisco Cybersecurity Operations Fundamentals
The Cisco 200-201 CBROPS practice test trains you in detecting and responding to cybersecurity threats.
Why should I take the Cisco 200-201 CBROPS exam?
The Cisco 200-201 CBROPS exam tests your knowledge and skills regarding security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures . In order to gain the C yberOps Associate (CCNA) certification, you must pass the 200-201 CBROPS.
The Cisco 200-201 CBROPS practice test includes two different modes: ce rtification and practice mode. Certification mode allows you to assess your knowledge and discover your weak areas, with practic e mode allo wing you t o focus on the areas that need development.
Regular Price
$99.00
As low as
$69.30
https://www.measureup.com/cisco-practice-test-200-201-cbrops-understanding-cisco-cybersecurity-operations-fundamentals.html
7284
Cisco Practice Test 200-201 CBROPS: Understanding Cisco Cybersecurity Operations Fundamentals
<b>Questions:</b> 242 <br><b>Release Date:</b> 10/2020 (Last updated: 02/2024) <br><b>Job Role:</b> Cybersecurity Analyst <br><b>Language:</b> English <br><br><p><span data-contrast="none">The Cisco 200-201 CBROPS practice test contains 242 questions and covers the following topics:</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h3>Security Concepts – 52 questions </h3>
<h4><span style="color: #0780c2;">Describe the CIA triad</span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;" data-contrast="none">Compare security deployments</span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Network, endpoint, and application security systems</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Agentless and agent-based protections</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Legacy antivirus and antimalware</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">SIEM, SOAR, and log management</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1">
<div class="ewa-rteLine">Container and virtual environments</div>
</li>
<li data-leveltext="" data-font="Symbol" data-listid="46" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1">
<div class="ewa-rteLine">Cloud security deployments</div>
</li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">D</span><span style="color: #0780c2;">escribe security terms </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Threat intelligence (TI) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Threat hunting </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Malware analysis </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Threat actor </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Run book automation (RBA)</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Reverse engineering</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Sliding window anomaly detection</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Principle of least privilege</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Zero trust</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Threat intelligence platform (TIP)</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="45" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1">Threat modeling</li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare security concepts </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="44" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Risk (risk scoring/risk weighting, risk reduction, risk assessment) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="44" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Threat </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="44" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Vulnerability</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="44" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Exploit</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<p> </p>
<h4><span style="color: #0780c2;">Describe the principles of the defense-in-depth strategy </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare access control models </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Discretionary access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Mandatory access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Nondiscretionary access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Authentication, authorization, accounting</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Rule-based access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Time-based access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Role-based access control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="43" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Attribute-based access control</span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe terms as defined in CVSS </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Attack vector </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Attack complexity</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Privileges required</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">User interaction</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Scope</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}">Temporal metrics</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="42" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}">Environmental metrics</span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify the challenges of data visibility (network, host, and cloud) in detection </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify potential data loss from provided traffic profiles </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret the 5-tuple approach to isolate a compromised host in a grouped set of logs </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare rule-based detection vs. behavioral and statistical detection </span></h4>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h3>Security Monitoring – 61 questions </h3>
<h4><span style="color: #0780c2;">Compare attack surface and vulnerability </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify the types of data provided by these technologies </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">TCP dump </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">NetFlow </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Next-gen firewall</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Traditional stateful firewall</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Application visibility and control</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Web content filtering</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="41" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Email content filtering </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe the impact of these technologies on data visibility </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Access control list </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">NAT/PAT </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Tunneling </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">TOR</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Encryption</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">P2P</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Encapsulation</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="40" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Load balancing </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe the uses of these data types in security monitoring </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Full packet capture </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Session data </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Transaction data </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Statistical data</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Metadata</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="39" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Alert data </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe network attacks, such as protocol-based, denial of service, distributed denial of service, and man-in-the-middle </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe web application attacks, such as SQL injection, command injections, and cross-site scripting </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe social engineering attacks </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe endpoint-based attacks, such as buffer overflows, command and control (C2), malware, and ransomware </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe evasion and obfuscation techniques, such as tunneling, encryption, and proxies </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe the impact of certificates on security (includes PKI, public/private crossing the network, asymmetric/symmetric) </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify the certificate components in a given scenario </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="38" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Cipher-suite </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="38" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">X.509 certificates </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="38" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Key exchange </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="38" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Protocol version </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="38" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">PKCS </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":720,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h3>Host-Based Analysis – 46 questions </h3>
<h4><span style="color: #0780c2;">Describe the functionality of these endpoint technologies in regard to security monitoring </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="37" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Host-based intrusion detection </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="37" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Antimalware and antivirus</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="37" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Host-based firewall</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="37" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Application-level allow listing/block listing</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="37" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Systems-based sandboxing (such as Chrome, Java, Adobe Reader)</span><span data-contrast="auto"> </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify components of an operating system (such as Windows and Linux) in a given scenario </span></h4>
<h4> </h4>
<h4><span data-contrast="none"><span style="color: #0780c2;">Describe the role of attribution in an investigation</span> </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="36" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Assets </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="36" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Threat actor </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="36" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Indicators of compromise </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="36" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Indicators of attack</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="36" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Chain of custody </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify type of evidence used based on provided logs </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="35" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Best evidence </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="35" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Corroborative evidence</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="35" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Indirect evidence </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare tampered and untampered disk image </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret operating system, application, or command line logs to identify an event </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret the output report of a malware analysis tool (such as a detonation chamber or sandbox) </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="34" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Hashes </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":0,"335559740":257,"335559991":360}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="34" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">URLs </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":0,"335559740":257,"335559991":360}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="34" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Systems, events, and networking </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":0,"335559740":257,"335559991":360}"> </span></li>
</ul>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":720,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h3>Network Intrusion Analysis – 49 questions </h3>
<h4><span style="color: #0780c2;">Map the provided events to source technologies </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">IDS/IPS </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Firewall </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Network application control </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Proxy logs</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Antivirus</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Transaction data (NetFlow)</span><span data-contrast="auto"> </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare impact and no impact for these items </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="32" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">False positive</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="32" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">False negative</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="32" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">True positive</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="32" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">True negative</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="32" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Benign </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare deep packet inspection with packet filtering and stateful firewall operation </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare inline traffic interrogation and taps or traffic monitoring </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Compare the characteristics of data obtained from taps or traffic monitoring and transactional data (NetFlow) in the analysis of network traffic </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Extract files from a TCP stream when given a PCAP file and Wireshark </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify key elements in an intrusion from a given PCAP file </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Source address </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Destination address </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Source port </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Destination port </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Protocols</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="31" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Payloads </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret the fields in protocol headers as related to intrusion analysis </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Ethernet frame </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">IPv4</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">IPv6</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">TCP</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">UDP</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">ICMP</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">DNS</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">SMTP/POP3/IMAP</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">HTTP/HTTPS/HTTP2</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="30" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">ARP</span><span data-contrast="auto"> </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret common artifact elements from an event to identify an alert </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">IP address (source / destination) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Client and server port identity </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Process (file or registry) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">System (API calls) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">Hashes</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="none">URI / URL </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Interpret basic regular expressions </span></h4>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h3>Security Policies and Procedures – 34 questions </h3>
<h4><span style="color: #0780c2;">Describe management concepts </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Asset management </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Configuration management </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Mobile device management </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Patch management</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Vulnerability management </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe the elements in an incident response plan as stated in NIST.SP800-61 </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Apply the incident handling process (such as NIST.SP800-61) to an event </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Map elements to these steps of analysis based on the NIST.SP800-61 </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Preparation </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Detection and analysis </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Containment, eradication, and recovery </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Post-incident analysis (lessons learned) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Map the organization stakeholders against the NIST IR categories (CMMC, NIST.SP800- 61) </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Preparation </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Detection and analysis </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Containment, eradication, and recovery </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Post-incident analysis (lessons learned) </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe concepts as documented in NIST.SP800-86 </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Evidence collection order </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Data integrity </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Data preservation</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Volatile data collection </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h4><span style="color: #0780c2;">Identify these elements used for network profiling </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Total throughput </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Session duration</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Ports used</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Critical asset address space </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":720,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h4><span style="color: #0780c2;">Identify these elements used for server profiling </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Listening ports</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Logged in users/service accounts</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Running processes</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Running tasks</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Applications </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<h4> </h4>
<h4><span style="color: #0780c2;">Identify protected data in a network </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">PII </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">PSI </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">PHI </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="none">Intellectual property </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":0,"335559740":257}"> </span></li>
</ul>
<p><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":6,"335551620":6,"335559685":0,"335559731":0,"335559737":0,"335559738":0,"335559739":0,"335559740":276}"> </span></p>
<h4><span style="color: #0780c2;">Classify intrusion events into categories as defined by security models, such as Cyber Kill Chain Model and Diamond Model of Intrusion </span></h4>
<h4> </h4>
<h4><span style="color: #0780c2;">Describe the relationship of SOC metrics to scope analysis (time to detect, time to contain, time to respond, time to control) </span></h4>
<p> </p>
<p> </p> <u><a target="_blank" href="https://docs.measureup.com/knowledgebase/system-requirements/">System Requirements</a></u>
https://www.measureup.com/media/catalog/product/c/i/cisco2_200-201_pt.png
69.3
instock
99
69.3
30
29.7
Cisco
0
0
0
https://www.measureup.com/media/catalog/product/c/i/cisco2_200-201_pt.png
7283
/measureup/Cisco
/measureup/Cisco/Cisco Practice Tests
/measureup
2020-10-01T11:52:20+0000