SECOPS 2: NSM Tools and Data Flashcards Preview

Flashcards in SECOPS 2: NSM Tools and Data Deck (11)
1
Q

Session data

A

Summary data for network connections. Who talked to whom and when. Like a phone bill.

5-tuple with timestamps

2
Q

Full Packet Capture format

A

PCAP

3
Q

Full content data

A

aka full packet capture

4
Q

Transaction data

A

Details associated with requests and responses.

Example: Client GET request and server response

5
Q

Alert data

A

Typically from IPS. Network traffic matches conditions to generate alert.

6
Q

Statistical data

A

Statistics derived from NSM data

7
Q

Statistical data over time produces…

A

baselines

8
Q

Baselines define

A

what is normal

9
Q

Anomalies

A

Deviations from normal

10
Q

Metadata

A

Data about data.

11
Q

Bro produces … but can produce…

A

Session data, but can produce almost any data type (transaction, extracted, alert, etc.)