New Training: Security Policies and Procedures

In this 5-video skill, CBT Nuggets trainer John Munjoma focuses on security frameworks and management of incidents. Watch this new Cisco training.

Watch the full course: Cisco Certified CyberOps Associate

This training includes:

• 5 videos

• 30 minutes of training

You’ll learn these topics in this skill:

• Server Profiling

• Network Profiling

• Identifying Protected Network Data

• The Cyber Kill Chain

• SOC Metrics And Scope Analysis

What Does the Cyber Kill Chain Describe?

In network security, there’s a concept called the cyber kill chain. In IT, the cyber kill chain breaks down any action an intruder could take as they attack a network or a system into eight distinct phases.

The value of the cyber kill chain is in breaking down an otherwise complex task like defending against cyber attacks into small chunks that can be handled individually. Different intruders will try different approaches, use different tools and techniques, or be trying to accomplish different goals, but their actions will always fall into one of the eight phases. If we apply robust defenses at each of those phases, we can rest assured of our network’s security.

The eight phases are Reconnaissance, where attackers gaining info; Intrusion, where attackers infiltrate; Exploitation, when malicious code gets a foothold; Privilege Escalation, where attackers give themselves broader permissions; Lateral Movement, where they use those permissions to seek more data or permissions; Obfuscation, where logs get deleted and tracks get covered; Denial of Service, where attackers disrupt normal services; Exfiltration, where data gets removed.