06 Sound the Alarm: Detection and Response

This class was created by Brainscape user Amreek Paul. Visit their profile to learn more about the creator.

Decks in this class (51)

MD1 The Incident response lifecycle: Introduction to the incident response lifecycle
Nist csf 1,
The nist incident response lifecy...,
Incident 3
6  cards
MD1 NIST lifecycle to a phishing attack scenario
Vishing attack how to respond 1,
Vishing attack how to respond 2,
Vishing attack how to respond 3
4  cards
MD1 Incident Response Operations: Incident response teams
Incident response teams 1,
Computer security incident respon...,
How exactly does a csirt function 3
3  cards
MD1 Roles in response
Computer security incident respon...,
Roles in csirts 2,
Security analyst 3
13  cards
MD1 Incident response plans
Response plans 1,
Elements of incident plans 2,
Elements of incident plans 3
4  cards
MD1 Incident response tools: Incident response tools
Security analyst not much in the ...
1  cards
MD1 The value of documentation
Documentation 1,
Types of documentation 2
2  cards
MD1 Intrusion detection systems
Intrusion detection system ids 1,
Intrusion prevention system ips 2
2  cards
MD1 Overview of detection tools
Overview 1,
Why you need detection tools 2,
Detection tools 3
12  cards
MD1 Alert and event management with SIEM and SOAR tools
Siem tools 1,
How siem tools work 2,
Siem process 1 collect and aggrig...
6  cards
MD1 Overview of SIEM technology
Previously 1,
Siem advantages 2,
The siem process 3
7  cards
MD2 Understand network traffic: The importance of network traffic flows
What is network traffic 1,
What is network data 2,
How do you know what s normal beh...
4  cards
MD2 Maintain awareness with network monitoring
Network monitoring overview of re...,
Know your network 2,
Monitor your network 3
11  cards
MD2 Data exfiltration attacks
Monitoring network traffic 1,
How the detection and response pr...,
How the detection and response pr...
3  cards
MD2 Capture and view network traffic: Packets and Packet captures
Packets 1,
Components of a packet 2,
Components of a packet 3
6  cards
MD2 Learn more about packet captures
Reading overview 1,
Packets 2,
Packets header 3
13  cards
MD2 Interpret network communications with packets
Packets analysis and networks 1,
Let s say that you were tasked wi...
2  cards
MD2 Reexamine the fields of a packet header
Let s examine an important packet...,
Two different versions of the int...,
Version 3
13  cards
MD2 Investigate packet details
Reading overview 1,
Internet protocol ip 2,
Ipv4 3
16  cards
MD2 Packet Inspection: Packet captures with tcpdump
Tcpdump 1,
Let s examine a simple tcpdump co...
2  cards
MD2 Overview of tcpdump
Pls see course 6 md2 reading over...
1  cards
MD3 Incident detection and verification: The detection and analysis phase of the lifecycle
Detection and analysis phase of t...,
Detection 2,
Events 3
5  cards
MD3 Cybersecurity incident detection methods
Detection and analysis phase 1,
Intrusion detection system ids 2,
Challenges with detection 3
11  cards
MD3 Indicators of compromise
Indicators of compromise iocs 1,
Indicators of attack ioa 2,
Ioc and ioa 3
12  cards
MD3 Analyze indicators of compromise with investigative tools
Adding context to investigations 1,
The power of crowdsourcing 2,
Virustotal 3
10  cards
MD3 Create and use documentation: The benefits of documentation
Benefits of documentation 1
1  cards
MD3 Document evidence with chain of custody forms
Chain of custody 1,
Example of how chain of custody i...,
Chain of custody log form 3
4  cards
MD3 Best practices for effective documentation
Documentation 1,
Documentation benefits 2,
Documentation benefits 3
9  cards
MD3 The value of cybersecurity playbooks
The value of cybersecurity playbo...,
3 different types of playbooks 2,
Automated 3
4  cards
MD3 Response and Recovery: The role of triage in incident response
Triage 1,
When does triage happen 2,
Triage process 3
4  cards
MD3 The triage process
Triage process 1,
Receive and assess 2,
Assign priority 3
5  cards
MD3 The containment, eradication, and recovery phase of the lifecycle
How security teams contain eradic...,
Containment 2,
Containment strategies 3
5  cards
MD3 Business continuity considerations
Business continuity planning 1,
Consider the impacts of ransomwar...,
Recovery strategies 3
7  cards
MD3 Post incident actions: The post-incident activity phase of the lifecycle
The post incident activity 1,
The final report 2,
A lessons learned meeting 3
4  cards
MD3 Post incident review
Post incident activity 1,
Lessons learned 2,
Recommendations 3
4  cards
MD4 Overview of logs: The importance of logs
Logs 1,
Log details 2,
Log analysis 3
6  cards
MD4 Best practices for log collection and management
Logs 1,
Types of logs network 2,
Types of logs system 3
12  cards
MD4 Variation of logs
Read md4 overview of log file for...
1  cards
MD4 Overview of intrusion detection systems (IDS): Security monitoring with detection tools
Telemetry 1,
Intrusion detection system or ids 2,
Endpoint 3
6  cards
MD4 Detection tools and techniques
Intrusion detection system ids 1,
Host based intrusion detection sy...,
Network based intrusion detection...
6  cards
MD4 Components of a detection signature
Signature syntax 1,
Network intrusion detection syste...,
Nids rules action 3
6  cards
MD4 Examine signatures with suricata
See wod doc course 6 md4 overview...
1  cards
MD4 Examine suricata logs
See wod doc course 6 md4 overview...
1  cards
MD4 Overview of Suricata
Introduction to suricata 1,
Suricata features 2,
Rules pls see course 6 md4 overvi...
7  cards
MD4 Overview of security information event management (SIEM) tools: Reexamine SIEM tools
Siem 1,
Siem process for data collection 2,
Splunk 3
4  cards
MD4 Log sources and log ingestion
Siem process overview 1,
Log ingestion 2,
Log forwarders 3
3  cards
MD4 Query for events with Splunk
See course 6 md 4 video on splunk 1
1  cards
MD4 Query for events with Chronicle
See md4 query for events with chr...
1  cards
MD4 Search methods with SIEM tools
See course 6 md4 word docsearch m...
1  cards
MD4 Activity: Perform a query with Splunk
This was an activity completed and...
1  cards
MD4 Activity: Perform a query with Chronicle
See word doc md4 activity perform...
1  cards

More about
06 Sound the Alarm: Detection and Response

  • Class purpose General learning
