06 Sound the Alarm: Detection and Response

This class was created by Brainscape user Amreek Paul.

Decks in this class (51)

MD1 The Incident response lifecycle: Introduction to the incident response lifecycle
NIST CSF,
The NIST incident response lifecycle,
Incident
6 cards
MD1 NIST lifecycle to a vishing attack scenario
Vishing attack how to respond pre...,
Vishing attack how to respond det...,
Containment eradication and recov...
4 cards
MD1 Incident Response Operations: Incident response teams
Incident response teams,
Computer security incident respon...,
How exactly does a CSIRT function
3 cards
MD1 Roles in response
Computer security incident respon...,
Roles in CSIRTs,
Security analyst
13 cards
MD1 Incident response plans
Response plans,
Elements of incident plans,
Elements of incident plans 2 syste...
4 cards
MD1 Incident response tools: Incident response tools
Security analyst
1 card
MD1 The value of documentation
Documentation,
Types of documentation
2 cards
MD1 Intrusion detection systems
Intrusion detection system (IDS),
Intrusion prevention system (IPS)
2 cards
MD1 Overview of detection tools
Overview,
Why you need detection tools,
Detection tools
12 cards
MD1 Alert and event management with SIEM and SOAR tools
SIEM tools,
How SIEM tools work,
SIEM process 1 collect and aggriga...
6 cards
MD1 Overview of SIEM technology
Previously,
SIEM advantages,
The SIEM process
7 cards
MD2 Understand network traffic: The importance of network traffic flows
What is network traffic,
What is network data,
How do you know what's normal beh...
4 cards
MD2 Maintain awareness with network monitoring
Network monitoring overview of re...,
Know your network,
Monitor your network
11 cards
MD2 Data exfiltration attacks
Monitoring network traffic,
How the detection and response pr...,
How the detection and response pr...
3 cards
MD2 Capture and view network traffic: Packets and Packet captures
Packets,
Components of a packet the header,
Components of a packet payload
6 cards
MD2 Learn more about packet captures
Reading overview,
Packets,
Packets header
13 cards
MD2 Interpret network communications with packets
Packet analysis and networks,
Let's say that you were tasked wit...
2 cards
MD2 Reexamine the fields of a packet header
Let's examine an important packet...,
Two different versions of the int...,
Version
13 cards
MD2 Investigate packet details
Reading overview,
Internet Protocol (IP),
IPv4
16 cards
MD2 Packet Inspection: Packet captures with tcpdump
tcpdump,
Let's examine a simple tcpdump co...
2 cards
MD2 Overview of tcpdump
Reading intro
1 card
MD3 Incident detection and verification: The detection and analysis phase of the lifecycle
Detection and analysis phase of t...,
Detection,
Events
5 cards
MD3 Cybersecurity incident detection methods
Detection and analysis phase,
Intrusion detection system (IDS),
Challenges with detection
11 cards
MD3 Indicators of compromise
Indicators of compromise (IoCs),
Indicators of attack (IoA),
IoC and IoA
12 cards
MD3 Analyze indicators of compromise with investigative tools
Adding context to investigations,
The power of crowdsourcing crowdso...,
VirusTotal
10 cards
MD3 Create and use documentation: The benefits of documentation
Benefits of documentation
1 card
MD3 Document evidence with chain of custody forms
Chain of custody,
Example of how chain of custody i...,
Chain of custody log form
4 cards
MD3 Best practices for effective documentation
Documentation,
Documentation benefits,
Documentation benefits
9 cards
MD3 The value of cybersecurity playbooks
The value of cybersecurity playbooks,
3 different types of playbooks,
Automated
4 cards
MD3 Response and Recovery: The role of triage in incident response
Triage,
When does triage happen,
Triage process
4 cards
MD3 The triage process
Triage process,
Receive and assess,
Assign priority
5 cards
MD3 The containment, eradication, and recovery phase of the lifecycle
How security teams contain eradic...,
Containment,
Containment strategies
5 cards
MD3 Business continuity considerations
Business continuity planning,
Consider the impacts of ransomwar...,
Recovery strategies
7 cards
MD3 Post incident actions: The post-incident activity phase of the lifecycle
The post incident activity,
The final report,
A lessons learned meeting
4 cards
MD3 Post incident review
Post incident activity,
Lessons learned,
Recommendations
4 cards
MD4 Overview of logs: The importance of logs
Logs,
Log details,
Log analysis
6 cards
MD4 Best practices for log collection and management
Logs,
Types of logs: network,
Types of logs: system
12 cards
MD4 Variation of logs
Read MD4 overview of log file for...
1 card
MD4 Overview of intrusion detection systems (IDS): Security monitoring with detection tools
Telemetry,
Intrusion detection system or IDS,
Endpoint
6 cards
MD4 Detection tools and techniques
Intrusion detection system (IDS),
Host based intrusion detection sy...,
Network based intrusion detection...
6 cards
MD4 Components of a detection signature
Signature syntax,
Network intrusion detection syste...,
NIDS rules action
6 cards
MD4 Examine signatures with Suricata
See Word doc course 6 MD4 examine ...
1 card
MD4 Examine Suricata logs
See Word doc course 6 MD4 overview...
1 card
MD4 Overview of Suricata
Introduction to Suricata,
Suricata features,
Rules, pls see course 6 MD4 overvie...
7 cards
MD4 Overview of security information event management (SIEM) tools: Reexamine SIEM tools
SIEM,
SIEM process for data collection,
Splunk
4 cards
MD4 Log sources and log ingestion
SIEM process overview,
Log ingestion,
Log forwarders
3 cards
MD4 Query for events with Splunk
SIEM tools use different search m...
1 card
MD4 Query for events with Chronicle
See MD4 query for events with Chro...
1 card
MD4 Search methods with SIEM tools
See course 6 MD4 Word doc search m...
1 card
MD4 Activity: Perform a query with Splunk
This was an activity completed and...
1 card
MD4 Activity: Perform a query with Chronicle
See Word doc MD4 activity perform...
1 card

More about 06 Sound the Alarm: Detection and Response

  • Class purpose: General learning
