Index
About This E-Book Title Page Copyright Page About the Authors About the Technical Reviewers Dedications Acknowledgments Command Syntax Conventions Introduction
About the 210-255 CCNA Cyber Ops SECOPS Exam
210-255 CCNA Cyber Ops SECOPS Exam Topics
About the CCNA Cyber Ops SECOPS #210-255 Official Cert Guide
Objectives and Methods Book Features How This Book Is Organized
Companion Website Pearson Test Prep Practice Test Software
Accessing the Pearson Test Prep Software Online Accessing the Pearson Test Prep Software Offline Customizing Your Exams Updating Your Exams
Part I. Threat Analysis and Computer Forensics
Chapter 1. Threat Analysis
“Do I Know This Already?” Quiz Foundation Topics
What Is the CIA Triad: Confidentiality, Integrity, and Availability? Confidentiality Integrity Availability
Threat Modeling Defining and Analyzing the Attack Vector Understanding the Attack Complexity Privileges and User Interaction The Attack Scope Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory Define Key Terms Q&A
Chapter 2. Forensics
“Do I Know This Already?” Quiz Foundation Topics
Introduction to Cybersecurity Forensics
The Role of Attribution in a Cybersecurity Investigation The Use of Digital Evidence
Defining Digital Forensic Evidence Understanding Best, Corroborating, and Indirect or Circumstantial Evidence Collecting Evidence from Endpoints and Servers Collecting Evidence from Mobile Devices Collecting Evidence from Network Infrastructure Devices Chain of Custody
Fundamentals of Microsoft Windows Forensics
Processes, Threads, and Services Memory Management Windows Registry The Windows File System FAT NTFS
Fundamentals of Linux Forensics
Linux Processes Ext4 Journaling Linux MBR and Swap File System
Exam Preparation Tasks
Review All Key Topics
Define Key Terms Q&A
Part II. Network Intrusion Analysis
Chapter 3. Fundamentals of Intrusion Analysis
“Do I Know This Already?” Quiz Foundation Topics
Common Artifact Elements and Sources of Security Events False Positives, False Negatives, True Positives, and True Negatives
Understanding Regular Expressions Protocols, Protocol Headers, and Intrusion Analysis Using Packet Captures for Intrusion Analysis
Mapping Security Event Types to Source Technologies
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory Define Key Terms Q&A
Chapter 4. NetFlow for Cybersecurity
“Do I Know This Already?” Quiz Foundation Topics
Introduction to NetFlow What Is a Flow in NetFlow? The NetFlow Cache
NetFlow Versions
Cisco Flexible NetFlow Flexible NetFlow Records Flow Monitors Flow Exporters Flow Samplers Flexible NetFlow Configuration Configure a Flow Record Configuring a Flow Monitor for IPv4 or IPv6 Configuring a Flow Exporter for the Flow Monitor Applying a Flow Monitor to an Interface
IPFIX
IPFIX Architecture IPFIX Mediators IPFIX Templates Option Templates Introduction to the Stream Control Transmission Protocol (SCTP) NetFlow and IPFIX Comparison
NetFlow for Cybersecurity and Incident Response
NetFlow as an Anomaly Detection Tool Incident Response and Network Security Forensics Using NetFlow for Data Leak Detection and Prevention
NetFlow Analysis Tools
Commercial NetFlow Analysis Tools Cisco’s Lancope StealthWatch Solution Plixer’s Scrutinizer Open Source NetFlow Monitoring and Analysis Software Packages
Exam Preparation Tasks
Review All Key Topics
Define Key Terms Q&A
Part III. Incident Response
Chapter 5. Introduction to Incident Response and the Incident Handling Process
“Do I Know This Already?” Quiz Foundation Topics
Introduction to Incident Response What Are Events and Incidents?
The Incident Response Plan The Incident Response Process
The Preparation Phase The Detection and Analysis Phase Containment, Eradication, and Recovery Post-Incident Activity (Postmortem)
Information Sharing and Coordination Incident Response Team Structure The Vocabulary for Event Recording and Incident Sharing (VERIS) Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory Define Key Terms Q&A
Chapter 6. Incident Response Teams
“Do I Know This Already?” Quiz Foundation Topics
Computer Security Incident Response Teams (CSIRTs)
Product Security Incident Response Teams (PSIRTs)
Security Vulnerabilities and Their Severity Vulnerability Chaining Role in Fixing Prioritization Fixing Theoretical Vulnerabilities Internally Versus Externally Found Vulnerabilities
National CSIRTs and Computer Emergency Response Teams (CERTs) Coordination Centers Incident Response Providers and Managed Security Service Providers (MSSPs) Exam Preparation Tasks
Review All Key Topics
Define Key Terms Q&A
Chapter 7. Compliance Frameworks
“Do I Know This Already?” Quiz Foundation Topics
Payment Card Industry Data Security Standard (PCI DSS) PCI DSS Data
Health Insurance Portability and Accountability Act (HIPAA)
HIPAA Security Rule HIPAA Safeguards
Sarbanes-Oxley (SOX)
Section 302 Section 404 Section 409
Summary References Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory Define Key Terms Review Questions
Chapter 8. Network and Host Profiling
“Do I Know This Already?” Quiz Foundation Topics
Network Profiling Throughput Used Ports Session Duration Critical Asset Address Space
Host Profiling
Listening Ports Logged-in Users/Service Accounts Running Processes Applications
Summary References Exam Preparation Tasks
Review All Key Topics
Define Key Terms Q&A
Part IV. Data and Event Analysis
Chapter 9. The Art of Data and Event Analysis
“Do I Know This Already?” Quiz Foundation Topics
Normalizing Data Interpreting Common Data Values into a Universal Format
Using the 5-Tuple Correlation to Respond to Security Incidents Retrospective Analysis and Identifying Malicious Files
Identifying a Malicious File
Mapping Threat Intelligence with DNS and Other Artifacts Deterministic Versus Probabilistic Analysis Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory Define Key Terms Q&A
Part V. Incident Handling
Chapter 10. Intrusion Event Categories
“Do I Know This Already?” Quiz Foundation Topics
Diamond Model of Intrusion
Cyber Kill Chain Model
Reconnaissance Weaponization Delivery Exploitation Installation Command and Control Action and Objectives
Summary References Exam Preparation Tasks
Review All Key Topics
Define Key Terms Q&A
Part VI. Final Preparation
Chapter 11. Final Preparation
Tools for Final Preparation
Pearson Cert Practice Test Engine and Questions on the Website Customizing Your Exams Updating Your Exams The Cisco Learning Network Memory Tables and Lists Chapter-Ending Review Tools
Suggested Plan for Final Review/Study Summary
Part VII. Appendix
Appendix A. Answers to the “Do I Know This Already?” Quizzes and Q&A Glossary Index Appendix B. Memory Tables and Lists Appendix C. Memory Tables and Lists Answers Appendix D. Study Planner
Inside Front Cover Inside Back Cover Where are the companion content files? Where are the companion content files? Access Card Code Snippets
