Cisco 200-201 Exam With Confidence Using Practice Dumps

NIST SP 800-61 r2 outlines a structured incident handling lifecycle composed of four phases: Preparation, Detection and Analysis, Containment, Eradication, and Recovery, and Post-Incident Activity. Detection and Analysis involve identifying and investigating incidents, while Post-Incident Activity focuses on lessons learned and evidence retention for future reference.

 SP 800-61 Rev. 2, Computer Security Incident Handling Guide | CSRC, Computer Security Incident Handling Guide - NIST, We Read NIST SP 800-61 so You Don’t Have to.

 In RBAC, access is based on the roles that users have within an organization, and permissions to perform certain operations are assigned to specific roles. DAC, on the other hand, is a type of access control where the access rights are determined by the owner of the resource or the resource itself.

 Tap and SPAN are two methods of capturing network traffic for analysis. Tap (Test Access Point) is a hardware device that is inserted between two network devices and sends a copy of all traffic to a monitoring device. SPAN (Switched Port Analyzer) is a software feature that allows a network switch to replicate traffic from one or more source ports to a destination port, where a monitoring device is connected. Both methods provide visibility into network traffic, but Tap is more reliable and less intrusive than SPAN, as it does not affect the network performance or introduce errors. References := Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) - Cisco, page 68.