Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from CCNA Cyber Ops SECOPS - Certification Guide 210-255 Learn the skills to pass the 210-255 certification exam and become a competent SECOPS associate

Product type Paperback

Published in Jul 2019

Publisher Packt

ISBN-13 9781838559861

Length 352 pages

Edition 1st Edition

Tools

Cisco

Concepts

Network Security

Author (1):

Andrew Chu

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1: Endpoint Threat Analysis and Forensics FREE CHAPTER

2. Classifying Threats

3. Operating System Families

4. Computer Forensics and Evidence Handling

5. Section 2: Intrusion Analysis

6. Identifying Rogue Data from a Dataset

7. Warning Signs from Network Data

8. Network Security Data Analysis

9. Section 3: Incident Response

10. Roles and Responsibilities During an Incident

11. Network and Server Profiling

12. Compliance Frameworks

13. Section 4: Data and Event Analysis

14. Data Normalization and Exploitation

15. Drawing Conclusions from the Data

16. Section 5: Incident Handling

17. The Cyber Kill Chain Model

18. Incident-Handling Activities

19. Section 6: Mock Exams

20. Mock Exam 1

21. Mock Exam 2

22. Assessments

23. Other Books You May Enjoy

Leave a review - let other readers know what you think

Questions

If one of the devices in the network has an address of 10.114.115.55/24, which regex string would represent any address in the network?
1. 10.114.115.55
2. 10\.114\.115\.\d{0,3}
3. 10\.114\.d{0.3}\.\d{0,3}
4. 10.\D{0,3}\.D{0.3}\.\D{0,3}

The following three questions are related to the scenario and the following screenshot.

syslog in Linux (/var/log/syslog) captures information about a range of different activities. The following edited log has extracted some of the events between 22:52 and 22:59 on February 2nd:

An analyst suspects that a piece of malware has amended cron—the Linux task scheduler—in order to run itself. How could the analyst filter syslog for only logs related to cron?
1. CRON
2. cron
3. [cron]*
4. [CRONcron]
The investigator creates a separate file for CRON, by combining the cron daily, weekly, and monthly files into a file called analyseme.txt in the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Chu

Andrew Chu is a networking and cybersecurity lecturer at London Metropolitan University (LMU). LMU is a Cisco Academy, Academy Support Center, and Instructor Training Center. He has a postgraduate certificate in computer science education, and teaches CCNA routing and switching, as well as CCNA Cyber Ops, through LMU. A former military engineer, he enjoys testing systems to destruction, and learning from this and sharing the results. He has over 10 years' experience of working in physical and electronic systems security, including advising on and authoring security policies and risk assessments. This includes creating a community-owned ISP; working in government service; and training industry professionals, career changers, and new students.

See other products by Chu