
CCNA Cyber Ops SECOPS certification guide 210-255 : learn the skills to pass the 210-255 certification exam and become a competent SECOPS associate /

Cyber-attacks, in their various forms, are increasing in frequency and complexity, causing potential losses to organizations. This book equips readers with the skills required to succeed at 210-255 SECOPS exam, and for those re-sitting, to understand their score report and quickly identify the appro...


Bibliographic Details
Classification: Electronic book
Main author: Chu, Andrew (Author)
Format: Electronic eBook
Language: English
Published: Birmingham : Packt Publishing, Limited, [2019]
Subjects:
Online access: Full text
Table of Contents:
  • Cover; Title Page; Copyright and Credits; About Packt; Contributors; Table of Contents; Preface; Section 1: Endpoint Threat Analysis and Forensics; Chapter 1: Classifying Threats; Categorizing and communicating threats; AMP Threat Grid; Cuckoo Sandbox; Requirements for CVSS; Exploitability metrics; Attack vector; Attack complexity; Privileges required; User interaction; Impact metrics; Confidentiality; Integrity; Availability; Scope; Summary; Questions; Further reading; Chapter 2: Operating System Families; Starting the operating system; Basic Input Output System; Master Boot Record
  • Unified Extensible Firmware Interface; GUID Partition Table; Booting Windows and Linux; Filesystems; File Allocation Table 32; New Technology Filesystem; Extended Filesystem 4; Making, finding, accessing, and editing data; Creating files; Locating files; Reading files; Changes to files and properties; Deleting files; Summary; Questions; Further reading; Chapter 3: Computer Forensics and Evidence Handling; Types of evidence; Digital forensics versus cybersecurity forensics; Best evidence; Direct versus indirect evidence; Corroborative evidence; Maintaining evidential value; Altered disk image
  • Unaltered disk image; Chain of custody; Attribution; Asset attribution; Threat actor attribution; Summary; Questions; Further reading; Section 2: Intrusion Analysis; Chapter 4: Identifying Rogue Data from a Dataset; Using regexes to find normal characters; Using regexes to find characters in a set; Using regexes to extract groups of characters; Using regex logical operators; Summary; Questions; Further reading; Chapter 5: Warning Signs from Network Data; Physical and data link layer (Ethernet) frame headers; Layer 1; Preamble; Start frame delimiter; Interframe separation; Layer 2; Addressing
  • VLAN tagging; Type/Length fields; Cyclic redundancy checking; Network layer (IPv4, IPv6, and ICMP) packet headers; Internet Protocol (IPv4 and IPv6); Version; IPv4: Internet Header Length, options, and padding; IPv4: Type of Service and IPv6: Traffic Class; IPv4: Total Length and IPv6: Payload Length; IPv4: Time-to-Live and IPv6: Hop Limit; IPv4: Protocol and IPv6: Next Header; IPv4: Identification and flags; Source and destination addresses; ICMP; Transport layer (TCP and UDP) segment and datagram headers; TCP; Source and destination ports; Sequence and acknowledgment numbers
  • Header length; Flags; Window; Checksum; Urgent pointer; UDP; Source and destination port; Length; Checksum; Application layer (HTTP) headers; Request header; Request method name; URI; HTTP version; User-Agent; Response header; Summary; Questions; Further reading; Chapter 6: Network Security Data Analysis; PCAP files and Wireshark; Viewing packet details; Extracting data using Wireshark; Alert identification; Network indicators; IP address (source/destination); Client and server port identity; URI/URL; Payload indicators; Process (file or registry); System (API calls); Hashes