Learn Tech From Zero

Learn Tech From Zero https://validator.w3.org/feed/docs/rss2.html Learn Tech From Zero CompTIA CySA+ (CS0-003) Identification and authentication failures End-of-life or outdated components Security misconfiguration CompTIA Server+ (SK0-005) Security tools Causes of common problems Common concerns Tools and techniques Causes of common problems Common problems OS and software toolsand techniques Causes of common problems Common problems Tools and techniques Causes of common problems Common problems Cisco Certified CyberOps Associate – 200-201 CBROPS Evidence collection order Map the organization stakeholders against the NIST IR categories (CMMC, NIST.SP800-61) Describe the relationship of SOC metrics to scope analysis (time to detect, time to contain, time to respond, time to control) Intellectual property PSI Running tasks Running processes Logged in users/service accounts Listening ports Critical asset address space Ports used Session duration Total throughput Volatile data collection Data preservation Post-incident analysis (lessons learned) Data integrity Containment, eradication, and recovery Classify intrusion events into categories as defined by security models, such as Cyber Kill Chain Model and Diamond Model of Intrusion Detection and analysis Preparation Apply the incident handling process such as NIST.SP800-61 to an event Describe the elements in an incident response plan as stated in NIST.SP800-61 Vulnerability management PHI Patch management Mobile device management PII Configuration management Asset management Applications