New Training: Security Policies and Procedures
In this 5-video skill, CBT Nuggets trainer John Munjoma focuses on security frameworks and management of incidents. Watch this new Cisco training.
Watch the full course: Cisco Certified CyberOps Associate
This training includes:
30 minutes of training
You’ll learn these topics in this skill:
Identifying Protected Network Data
The Cyber Kill Chain
SOC Metrics And Scope Analysis
What Does the Cyber Kill Chain Describe?
In network security, the cyber kill chain is a model that breaks down any action an intruder could take while attacking a network or a system into eight distinct phases.
The value of the cyber kill chain is in breaking down an otherwise complex task, like defending against cyber attacks, into small chunks that can be handled individually. Different intruders will try different approaches, use different tools and techniques, or pursue different goals, but their actions will always fall into one of the eight phases. If we apply robust defenses at each of those phases, we can rest assured of our network’s security.
The eight phases are Reconnaissance, where attackers gather information; Intrusion, where attackers infiltrate; Exploitation, where malicious code gets a foothold; Privilege Escalation, where attackers give themselves broader permissions; Lateral Movement, where they use those permissions to seek more data or permissions; Obfuscation, where logs get deleted and tracks get covered; Denial of Service, where attackers disrupt normal services; and Exfiltration, where data gets removed.