CCNA Cybersecurity Operations Companion Guide [Hardback]

  • Format: Hardback, 720 pages, height x width x depth: 240x210x30 mm, weight: 1423 g
  • Series: Companion Guide
  • Publication date: 01-Oct-2018
  • Publisher: Cisco Press
  • ISBN-10: 158713439X
  • ISBN-13: 9781587134395

CCNA Cybersecurity Operations Companion Guide is the official supplemental textbook for the Cisco Networking Academy CCNA Cybersecurity Operations course.

The course emphasizes real-world practical application, while providing opportunities for you to gain the skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level security analyst working in a security operations center (SOC).

The Companion Guide is designed as a portable desk reference to use anytime, anywhere to reinforce the material from the course and organize your time.

The book's features help you focus on important concepts to succeed in this course:

  • Chapter Objectives: Review core concepts by answering the focus questions listed at the beginning of each chapter.
  • Key Terms: Refer to the lists of networking vocabulary introduced and highlighted in context in each chapter.
  • Glossary: Consult the comprehensive Glossary with more than 360 terms.
  • Summary of Activities and Labs: Maximize your study time with this complete list of all associated practice exercises at the end of each chapter.
  • Check Your Understanding: Evaluate your readiness with the end-of-chapter questions that match the style of questions you see in the online course quizzes. The answer key explains each answer.
  • How To: Look for this icon to study the steps you need to learn to perform certain tasks.
  • Interactive Activities: Reinforce your understanding of topics with dozens of exercises from the online course identified throughout the book with this icon.
  • Packet Tracer Activities: Explore and visualize networking concepts using Packet Tracer. There are exercises interspersed throughout the chapters and provided in the accompanying Lab Manual book.
  • Videos: Watch the videos embedded within the online course.
  • Hands-on Labs: Develop critical thinking and complex problem-solving skills by completing the labs and activities included in the course and published in the separate Lab Manual.

Table of Contents:

Introduction

Chapter 1 Cybersecurity and the Security Operations Center
Objectives
Key Terms
Introduction
The Danger
War Stories
Hijacked People
Ransomed Companies
Nations
Threat Actors
Amateurs
Hacktivists
Financial Gain
Trade Secrets and Global Politics
How Secure Is the Internet of Things?
Threat Impact
PII and PHI
Lost Competitive Advantage
Politics and National Security
Fighters in the War Against Cybercrime
The Modern Security Operations Center
Elements of an SOC
People in the SOC
Process in the SOC
Technologies in the SOC
Enterprise and Managed Security
Security vs. Availability
Becoming a Defender
Certifications
Further Education
Sources of Career Information
Getting Experience
Summary
Practice
Check Your Understanding

Chapter 2 Windows Operating System
Objectives
Key Terms
Introduction
Windows Overview
Windows History
Disk Operating System
Windows Versions
Windows GUI
Operating System Vulnerabilities
Windows Architecture and Operations
Hardware Abstraction Layer
User Mode and Kernel Mode
Windows File Systems
Windows Boot Process
Windows Startup and Shutdown
Processes, Threads, and Services
Memory Allocation and Handles
The Windows Registry
Windows Administration
Windows Configuration and Monitoring
Run as Administrator
Local Users and Domains
CLI and PowerShell
Windows Management Instrumentation
The net Command
Task Manager and Resource Monitor
Networking
Accessing Network Resources
Windows Server
Windows Security
The netstat Command
Event Viewer
Windows Update Management
Local Security Policy
Windows Defender
Windows Firewall
Summary
Practice
Check Your Understanding

Chapter 3 Linux Operating System
Objectives
Key Terms
Introduction
Linux Overview
Linux Basics
What is Linux?
The Value of Linux
Linux in the SOC
Linux Tools
Working in the Linux Shell
The Linux Shell
Basic Commands
File and Directory Commands
Working with Text Files
The Importance of Text Files in Linux
Linux Servers and Clients
An Introduction to Client-Server Communications
Servers, Services, and Their Ports
Clients
Linux Administration
Basic Server Administration
Service Configuration Files
Hardening Devices
Monitoring Service Logs
The Linux File System
The File System Types in Linux
Linux Roles and File Permissions
Hard Links and Symbolic Links
Linux Hosts
Working with the Linux GUI
X Window System
The Linux GUI
Working on a Linux Host
Installing and Running Applications on a Linux Host
Keeping the System Up to Date
Processes and Forks
Malware on a Linux Host
Rootkit Check
Piping Commands
Summary
Practice
Check Your Understanding

Chapter 4 Network Protocols and Services
Objectives
Key Terms
Introduction
Network Protocols
Network Communications Process
Views of the Network
Client-Server Communications
A Typical Session: Student
A Typical Session: Gamer
A Typical Session: Surgeon
Tracing the Path
Communications Protocols
What Are Protocols?
Network Protocol Suites
The TCP/IP Protocol Suite
Format, Size, and Timing
Unicast, Multicast, and Broadcast
Reference Models
Three Addresses
Encapsulation
Scenario: Sending and Receiving a Web Page
Ethernet and Internet Protocol (IP)
Ethernet
The Ethernet Protocol
The Ethernet Frame
MAC Address Format
IPv4
IPv4 Encapsulation
IPv4 Characteristics
The IPv4 Packet
IPv4 Addressing Basics
IPv4 Address Notation
IPv4 Host Address Structure
IPv4 Subnet Mask and Network Address
Subnetting Broadcast Domains
Types of IPv4 Addresses
IPv4 Address Classes and Default Subnet Masks
Reserved Private Addresses
The Default Gateway
Host Forwarding Decision
Default Gateway
Using the Default Gateway
IPv6
Need for IPv6
IPv6 Size and Representation
IPv6 Address Formatting
IPv6 Prefix Length
Connectivity Verification
ICMP
ICMPv4 Messages
ICMPv6 RS and RA Messages
Ping and Traceroute Utilities
Ping: Testing the Local Stack
Ping: Testing Connectivity to the Local LAN
Ping: Testing Connectivity to Remote Host
Traceroute: Testing the Path
ICMP Packet Format
Address Resolution Protocol
MAC and IP
Destination on the Same Network
Destination on a Remote Network
ARP
Introduction to ARP
ARP Functions
Removing Entries from an ARP Table
ARP Tables on Networking Devices
ARP Issues
ARP Broadcasts
ARP Spoofing
The Transport Layer
Transport Layer Characteristics
Transport Layer Protocol Role in Network Communication
Transport Layer Mechanisms
TCP Local and Remote Ports
Socket Pairs
TCP vs. UDP
TCP and UDP Headers
Transport Layer Operation
TCP Port Allocation
A TCP Session Part I: Connection Establishment and Termination
A TCP Session Part II: Data Transfer
A UDP Session
Network Services
DHCP
DHCP Overview
DHCPv4 Message Format
DNS
DNS Overview
The DNS Domain Hierarchy
The DNS Lookup Process
DNS Message Format
Dynamic DNS
The WHOIS Protocol
NAT
NAT Overview
NAT-Enabled Routers
Port Address Translation
File Transfer and Sharing Services
FTP and TFTP
SMB
Email
Email Overview
SMTP
POP3
IMAP
HTTP
HTTP Overview
The HTTP URL
The HTTP Protocol
HTTP Status Codes
Summary
Practice
Check Your Understanding

Chapter 5 Network Infrastructure
Objectives
Key Terms
Introduction
Network Communication Devices
Network Devices
End Devices
Routers
Router Operation
Routing Information
Hubs, Bridges, LAN Switches
Switching Operation
VLANs
STP
Multilayer Switching
Wireless Communications
Protocols and Features
Wireless Network Operations
The Client to AP Association Process
Wireless Devices: AP, LWAP, WLC
Network Security Infrastructure
Security Devices
Firewalls
Firewall Type Descriptions
Packet Filtering Firewalls
Stateful Firewalls
Next-Generation Firewalls
Intrusion Protection and Detection Devices
Advantages and Disadvantages of IDS and IPS
Types of IPS
Specialized Security Appliances
Security Services
Traffic Control with ACLs
ACLs: Important Features
SNMP
NetFlow
Port Mirroring
Syslog Servers
NTP
AAA Servers
VPN
Network Representations
Network Topologies
Overview of Network Components
Physical and Logical Topologies
WAN Topologies
LAN Topologies
The Three-Layer Network Design Model
Common Security Architectures
Summary
Practice
Check Your Understanding

Chapter 6 Principles of Network Security
Objectives
Key Terms
Introduction
Attackers and Their Tools
Who Is Attacking Our Network
Threat, Vulnerability, and Risk
Hacker vs. Threat Actor
Evolution of Threat Actors
Cybercriminals
Cybersecurity Tasks
Cyber Threat Indicators
Threat Actor Tools
Introduction of Attack Tools
Evolution of Security Tools
Categories of Attacks
Common Threats and Attacks
Malware
Types of Malware
Viruses
Trojan Horses
Trojan Horse Classification
Worms
Worm Components
Ransomware
Other Malware
Common Malware Behaviors
Common Network Attacks
Types of Network Attacks
Reconnaissance Attacks
Sample Reconnaissance Attacks
Access Attacks
Types of Access Attacks
Social Engineering Attacks
Phishing Social Engineering Attacks
Strengthening the Weakest Link
Denial-of-Service Attacks
DDoS Attacks
Example DDoS Attack
Buffer Overflow Attack
Evasion Methods
Summary
Practice
Check Your Understanding

Chapter 7 Network Attacks: A Deeper Look
Objectives
Key Terms
Introduction
Network Monitoring and Tools
Introduction to Network Monitoring
Network Security Topology
Monitoring the Network
Network TAPS
Traffic Mirroring and SPAN
Introduction to Network Monitoring Tools
Network Security Monitoring Tools
Network Protocol Analyzers
NetFlow
SIEM
SIEM Systems
Attacking the Foundation
IP Vulnerabilities and Threats
IPv4 and IPv6
The IPv4 Packet Header
The IPv6 Packet Header
IP Vulnerabilities
ICMP Attacks
DoS Attacks
Amplification and Reflection Attacks
DDoS Attacks
Address Spoofing Attacks
TCP and UDP Vulnerabilities
TCP
TCP Attacks
UDP and UDP Attacks
Attacking What We Do
IP Services
ARP Vulnerabilities
ARP Cache Poisoning
DNS Attacks
DNS Tunneling
DHCP
Enterprise Services
HTTP and HTTPS
Email
Web-Exposed Databases
Summary
Practice
Check Your Understanding

Chapter 8 Protecting the Network
Objectives
Key Terms
Introduction
Understanding Defense
Defense-in-Depth
Assets, Vulnerabilities, Threats
Identify Assets
Identify Vulnerabilities
Identify Threats
Security Onion and Security Artichoke Approaches
Security Policies
Business Policies
Security Policy
BYOD Policies
Regulatory and Standard Compliance
Access Control
Access Control Concepts
Communications Security: CIA
Access Control Models
AAA Usage and Operation
AAA Operation
AAA Authentication
AAA Accounting Logs
Threat Intelligence
Information Sources
Network Intelligence Communities
Cisco Cybersecurity Reports
Security Blogs and Podcasts
Threat Intelligence Services
Cisco Talos
FireEye
Automated Indicator Sharing
Common Vulnerabilities and Exposures Database
Threat Intelligence Communication Standards
Summary
Practice
Check Your Understanding Questions

Chapter 9 Cryptography and the Public Key Infrastructure
Objectives
Key Terms
Introduction
Cryptography
What Is Cryptography?
Securing Communications
Cryptology
Cryptography: Ciphers
Cryptanalysis: Code Breaking
Keys
Integrity and Authenticity
Cryptographic Hash Functions
Cryptographic Hash Operation
MD5 and SHA
Hash Message Authentication Code
Confidentiality
Encryption
Symmetric Encryption
Symmetric Encryption Algorithms
Asymmetric Encryption Algorithms
Asymmetric Encryption: Confidentiality
Asymmetric Encryption: Authentication
Asymmetric Encryption: Integrity
Diffie-Hellman
Public Key Infrastructure
Public Key Cryptography
Using Digital Signatures
Digital Signatures for Code Signing
Digital Signatures for Digital Certificates
Authorities and the PKI Trust System
Public Key Management
The Public Key Infrastructure
The PKI Authorities System
The PKI Trust System
Interoperability of Different PKI Vendors
Certificate Enrollment, Authentication, and Revocation
Applications and Impacts of Cryptography
PKI Applications
Encrypting Network Transactions
Encryption and Security Monitoring
Summary
Practice
Check Your Understanding

Chapter 10 Endpoint Security and Analysis
Objectives
Key Terms
Introduction
Endpoint Protection
Antimalware Protection
Endpoint Threats
Endpoint Security
Host-Based Malware Protection
Network-Based Malware Protection
Cisco Advanced Malware Protection (AMP)
Host-Based Intrusion Protection
Host-Based Firewalls
Host-Based Intrusion Detection
HIDS Operation
HIDS Products
Application Security
Attack Surface
Application Blacklisting and Whitelisting
System-Based Sandboxing
Endpoint Vulnerability Assessment
Network and Server Profiling
Network Profiling
Server Profiling
Network Anomaly Detection
Network Vulnerability Testing
Common Vulnerability Scoring System (CVSS)
CVSS Overview
CVSS Metric Groups
CVSS Base Metric Group
The CVSS Process
CVSS Reports
Other Vulnerability Information Sources
Compliance Frameworks
Compliance Regulations
Overview of Regulatory Standards
Secure Device Management
Risk Management
Vulnerability Management
Asset Management
Mobile Device Management
Configuration Management
Enterprise Patch Management
Patch Management Techniques
Information Security Management Systems
Security Management Systems
ISO-27001
NIST Cybersecurity Framework
Summary
Practice
Check Your Understanding

Chapter 11 Security Monitoring
Objectives
Key Terms
Introduction
Technologies and Protocols
Monitoring Common Protocols
Syslog and NTP
NTP
DNS
HTTP and HTTPS
Email Protocols
ICMP
Security Technologies
ACLs
NAT and PAT
Encryption, Encapsulation, and Tunneling
Peer-to-Peer Networking and Tor
Load Balancing
Log Files
Types of Security Data
Alert Data
Session and Transaction Data
Full Packet Captures
Statistical Data
End Device Logs
Host Logs
Syslog
Server Logs
Apache HTTP Server Access Logs
IIS Access Logs
SIEM and Log Collection
Network Logs
Tcpdump
NetFlow
Application Visibility and Control
Content Filter Logs
Logging from Cisco Devices
Proxy Logs
NextGen IPS
Summary
Practice
Check Your Understanding

Chapter 12 Intrusion Data Analysis
Objectives
Key Terms
Introduction
Evaluating Alerts
Sources of Alerts
Security Onion
Detection Tools for Collecting Alert Data
Analysis Tools
Alert Generation
Rules and Alerts
Snort Rule Structure
Overview of Alert Evaluation
The Need for Alert Evaluation
Evaluating Alerts
Deterministic Analysis and Probabilistic Analysis
Working with Network Security Data
A Common Data Platform
ELSA
Data Reduction
Data Normalization
Data Archiving
Investigating Network Data
Working in Sguil
Sguil Queries
Pivoting from Sguil
Event Handling in Sguil
Working in ELSA
Queries in ELSA
Investigating Process or API Calls
Investigating File Details
Enhancing the Work of the Cybersecurity Analyst
Dashboards and Visualizations
Workflow Management
Digital Forensics
Evidence Handling and Attack Attribution
Digital Forensics
The Digital Forensics Process
Types of Evidence
Evidence Collection Order
Chain of Custody
Data Integrity and Preservation
Attack Attribution
Summary
Practice
Check Your Understanding

Chapter 13 Incident Response and Handling
Objectives
Key Terms
Introduction
Incident Response Models
The Cyber Kill Chain
Steps of the Cyber Kill Chain
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives
The Diamond Model of Intrusion
Diamond Model Overview
Pivoting Across the Diamond Model
The Diamond Model and the Cyber Kill Chain
The VERIS Schema
What Is the VERIS Schema?
Create a VERIS Record
Top-Level and Second-Level Elements
The VERIS Community Database
Incident Handling
CSIRTs
CSIRT Overview
Types of CSIRTs
CERT
NIST 800-61r2
Establishing an Incident Response Capability
Incident Response Stakeholders
NIST Incident Response Life Cycle
Preparation
Detection and Analysis
Containment, Eradication, and Recovery
Post-Incident Activities
Incident Data Collection and Retention
Reporting Requirements and Information Sharing
Summary
Practice
Check Your Understanding

Appendix A Answers to the "Check Your Understanding" Questions
Glossary
Index

Allan Johnson entered the academic world in 1999 after 10 years as a business owner/operator to dedicate his efforts to his passion for teaching. He holds both an MBA and an M.Ed in training and development. He taught CCNA courses at the high school level for seven years and has taught both CCNA and CCNP courses at Del Mar College in Corpus Christi, Texas. In 2003, Allan began to commit much of his time and energy to the CCNA Instructional Support Team providing services to Networking Academy instructors worldwide and creating training materials. He now works full time for Cisco Networking Academy as Curriculum Lead.