SECOPS 9 Flashcards Preview

Flashcards in SECOPS 9 Deck (8)
1

When did events occur?

In UTC

2

Who?

IP/Domain associated with malware.

3

Where did the infection come from?

Location of the attacker

4

What type of malware is on the system?

Use sandbox to find out type of malware.

5

Why? What does it do and what is its purpose?

Sandbox to see what it's doing and find its intent.

6

How did the malware get on the system?

Email, Scareware, etc.

7

Threat investigation process (5)

Alert
Detect
Confirm
Remediate
Resolve

8

X-Forwarded-For HTTP header

ID originating IP address, which often is a proxy.