Chapter 8
Fundamentals of Intrusion Analysis
This chapter covers the following topics:
Introduction to Incident Response
Information Sharing and Coordination
Incident Response Team Structure
Common Artifact Elements and Sources of Security Events
Understanding Regular Expressions
Protocols, Protocol Headers, and Intrusion Analysis
How to Map Security Event Types to Source Technologies
This chapter covers the common artifact elements and sources of security events and how you can use regular expressions to analyze security event data. You learn the details about different protocols, protocol headers, and how they relate to intrusion analysis. You also learn how to use packet captures for ...
Get Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide now with the O’Reilly learning platform.